Resource Center

White Papers

4 Steps to Forensic Windows Password Cracking

Your Guide to a Repeatable Process for Determining and Retrieving User Passwords

Download the white paper today!

In late 2016, Microsoft introduced a large anniversary update for Windows 10, which included changes to the standard Windows 10 login workflow. Designed to address a vulnerability that allowed malicious users to deploy a certain form of ransomware, these changes nonetheless rendered most password cracking tools useless.

Register for our white paper to learn more about:

  • What the changes entailed and where password data is now located.
  • How to obtain the SAM and SYTEM hives from the forensic image.
  • Using MIMIKATZ to unencrypt the NTLM encrypted hash.
  • How to use the AXIOM Wordlist Generator to create a dictionary file of the words contained in the case file that has been processed.
  • Using hashcat to run a dictionary attack against the NTLM to recover the password

Find the AXIOM Wordlist Generator here!

“In late 2016, Microsoft introduced a large anniversary update for Windows 10, which included changes to the standard Windows 10 login workflow. Designed to address a vulnerability that allowed malicious users to deploy a certain form of ransomware, these changes nonetheless rendered most password cracking tools useless.”

Download 4 Steps to Forensic Windows Password Cracking by filling out the form below.

Download the White Paper

Subscribe today to hear directly from Magnet Forensics on the latest product updates, industry trends, and company news.

Start modernizing your digital investigations today.

Top