0Pricing
Ethical Hacking Academy · Lesson

Cracking Hashes

Identifying and attacking.

Why Crack Hashes?

During an engagement you often recover password hashes from databases, config files, or memory dumps. Cracking them confirms weak passwords and demonstrates real impact to the client.

Remember: hashing is one-way. You cannot reverse a hash directly. Instead you guess inputs, hash each guess, and compare to the target.

Step 1: Identify the Hash

Before cracking you must know which algorithm produced the hash. Clues come from length and format:

  • 32 hex chars likely MD5.
  • 40 hex chars likely SHA-1.
  • 64 hex chars likely SHA-256.
  • Starts with $2b$ means bcrypt; $argon2 means Argon2.

All lessons in this course

  1. Encoding vs Encryption
  2. Hashing
  3. Symmetric and Asymmetric
  4. Cracking Hashes
← Back to Ethical Hacking Academy