hashes | Andronicus

Pre-computed Hash Table, v. 1.0

2019-06-10 Credential Research News No Comments

Torrent file => 600 Million Passwords – Pre-computed Hash Table This is a list of 600 Million unique plain-text passwords collected from about 100 of the largest database dumps from about a decade ending in the summer of 2018. I then generated NTLM, sha1, sha256, MySQL, and MD5 hashes from…

And more data

2019-06-04 Credential Research No Comments

As you may know, I’ve been working on collecting the biggest leaked databases that I can find. Well, I stumbled upon one called “Collection #1 Leaked.” Finding the torrent, I put it into the client and began downloading it. When it was done, the archive was about 36GB. Unzipped, it…

Password Database Progress

2018-04-16 Credential Research No Comments

Over the past few months, I’ve been collecting databases of hacked accounts. I’ve already gone into some depth as to why (password audits), so I won’t go over that here. But it’s been interesting carefully working through how to pull out the truly unique passwords. At first, I assumed that…

More and More Data

2018-03-03 Credential Research No Comments

Man, this server screams. I’ve been able to do in a week on the new server what it took two months to do on the old one. In the old server, I had about 1.7 Billion records. I’ve moved those over to the new server. Additionally, I have acquired and…

Lots of Data Dumps – Server Finally Finished

2018-02-25 Credential Research No Comments

Wow, there have been a lot of breaches. I’ve been processing data from the Breach Compilation database. As I’ve been doing that, I have also been finding, researching, and downloading others. 320 Million here, 100 Million there. So far, I have 56 databases to work with. Who knows how many…

73.2M Hashes and Metasploit for Beginners

2018-02-05 Credential Research Metasploit News No Comments

The BreachCompilation database weighs in at 1.4 Billion records. Out of that, there are about 400 Million unique passwords. That is a lot of password reuse. The goal right now is to create NTLM hashes for those 400M passwords. This will aid in weak password audits. So far, we’ve hashed…

400 Million NTLM Hashes

2018-02-02 Credential Research No Comments

Analyzing the BreachCompilation database, my first goal was to count how many times each unique password showed up in the data. As it turns out, there are approximately 400 Million unique passwords. The top 1 Million most common passwords and how many times they showed up can be found on…

BreachCompilation Analysis

2018-01-30 Credential Research No Comments

Database dumps containing user credentials are not a new thing. One of the more recent contains 1.4 Billion email addresses and passwords. This database is referred to as “BreachCompilation.” More information about this database can be found at the end of this post. A few weeks ago, I started to wonder…