This is a really impressive project, especially starting at 14. The point about there being no single comprehensive resource rings true, I've tried to learn about password security before and always ended up jumping between five different tabs just to understand one concept.
Thanks for sharing. This looks interesting. Impressive achievement.
This book is currently not really relevant for me, so I just skimmed the samples on Amazon.
I found the technical content to be reasonably accurate and interesting although sometimes a little bit verbose (e.g., the section about 'what is a password') or slightly imprecise. In general, I think this book might have benefited from a thorough copyediting pass. There are quite a few grammar errors and unpolished sentences in the book, e.g.:
> The reason why Linux is imperative is that well, for one, most of the tools we will use, while indeed have builds for other systems, like Windows, in this book we will work with Linux.
Are you drunk? He’s lucky Google and Amazon haven’t noticed yet. If he wants to keep access to his accounts he should pull them down immediately and distribute via torrent.
Why? Don't they both sell other books on cracking and pentesting and whatever? There are tons of videos on YouTube about hashcat and aircrack-ng and rainbow tables and blah blah blah.
You think this stuff is some kind of secret or illicit knowledge?
The video is just less than half a minute of him flipping through some pages in the book anyway.
I would love to hear more about the process of writing and preparing it for publishing. It's self-published? How did you do the typesetting and the diagrams?
I too would be interested in hearing about the writing and formatting process. I described my own process as a software engineer and first-time novelist here:
https://frequal.com/forwriters/
Congratulate on finishing such a big project on a complicated topic, and putting in all this effort so that others can learn as well. I enjoyed reading the first few pages on Amazon
when i was running 150k amd gpus... i really wanted to use the cluster to run hashcat to help people recover lost things. i couldn't convince management that that was a profitable business to run.
When I lived in Adelaide, Australia 2006 or 2007, flexible-neck LED lamps that you plugged into an USB port to have light on your keyboard (backlit keyboards were not the norm on laptops) were a novelty item.
People simply didn't /know/ about them/that they existed at all.
I went to a computer/electronics shop in town and asked for them.
The guy told me: "We don't stock them because people don't ask for them."
The reason is, that using hashcat is not complicated for people who have linux experience and the amount of people wanting to crack a password is probably not that high.
Otherwise you do find plenty of people on YT walking you through hashcat. The first YT Video alone has 7 Million views: "how to HACK a password // password cracking with Kali Linux and HashCat"
I wish him luck, great drive to do this, i hope it works out well enough, books are just in general not easy to sell.
I'd say that this is a bit relevant to the entire field of cyber security and a good chunk of development roles. If you're not concerned about how password hashing (which is a key component of understanding cracking) works as developer-- I'm not sure what to say. While not all of the in-depth research is probably needed. It's definitely relevant to many technical fields. I work in offensive security and we use tools like this daily in our industry. And no we are not cyber criminals.
This is a really impressive project, especially starting at 14. The point about there being no single comprehensive resource rings true, I've tried to learn about password security before and always ended up jumping between five different tabs just to understand one concept.
Thanks for sharing. This looks interesting. Impressive achievement.
This book is currently not really relevant for me, so I just skimmed the samples on Amazon. I found the technical content to be reasonably accurate and interesting although sometimes a little bit verbose (e.g., the section about 'what is a password') or slightly imprecise. In general, I think this book might have benefited from a thorough copyediting pass. There are quite a few grammar errors and unpolished sentences in the book, e.g.:
> The reason why Linux is imperative is that well, for one, most of the tools we will use, while indeed have builds for other systems, like Windows, in this book we will work with Linux.
Wishing you success and keep on writing!
What did you find slightly imprecise?
This is an amazing achievement for someone of any age, but to publish a book with this much research at 18 is phenomenal. I heartily congratulate you.
I've hopped through the book and it seems carefully laid out and organized. I may come back at you with questions once I've read further. Cheers.
Great job. The book is 427 pages.
Why not put the video on YouTube?
Are you drunk? He’s lucky Google and Amazon haven’t noticed yet. If he wants to keep access to his accounts he should pull them down immediately and distribute via torrent.
Why? Don't they both sell other books on cracking and pentesting and whatever? There are tons of videos on YouTube about hashcat and aircrack-ng and rainbow tables and blah blah blah.
You think this stuff is some kind of secret or illicit knowledge?
The video is just less than half a minute of him flipping through some pages in the book anyway.
Because of a Hashcat tutorial book and video?
Even Claude will help you setup hashcat and co without complaining?
The video url is down? This sounds super interesting!
I love the book cover! Great job, Bojta.
Congratulations! The book looks great.
I would love to hear more about the process of writing and preparing it for publishing. It's self-published? How did you do the typesetting and the diagrams?
I too would be interested in hearing about the writing and formatting process. I described my own process as a software engineer and first-time novelist here: https://frequal.com/forwriters/
Congratulate on finishing such a big project on a complicated topic, and putting in all this effort so that others can learn as well. I enjoyed reading the first few pages on Amazon
can you discuss your coverage of password mask attacks, specifically is there any advances since EBM
relevant https://en.wikipedia.org/wiki/2022_LastPass_data_breach
probably a lot of ppl lost crypto this way.
I don't think so. Every lastpass vault is encrypted by the users password.
Wikipedia states that there were some field unencrypted, sure, but not the critical data.
More people probably lost crypto by forgetting their passwords like a friend of mine. 10k gone
when i was running 150k amd gpus... i really wanted to use the cluster to run hashcat to help people recover lost things. i couldn't convince management that that was a profitable business to run.
> help people recover lost things
You mean "lost things" in quotes. Management may have been more concerned about jail time.
Plenty of valid reasons to recover lost things and not just 'lost things'.
Yes that was what i was implying.
There’s a reason there are no books about this, because most people are not interested in cracking local/offline passwords.
In fact, the people most interested in password cracking are usually criminals.
But good luck with the book. It’s just not a hugely in demand topic.
When I lived in Adelaide, Australia 2006 or 2007, flexible-neck LED lamps that you plugged into an USB port to have light on your keyboard (backlit keyboards were not the norm on laptops) were a novelty item.
People simply didn't /know/ about them/that they existed at all.
I went to a computer/electronics shop in town and asked for them.
The guy told me: "We don't stock them because people don't ask for them."
The reason is, that using hashcat is not complicated for people who have linux experience and the amount of people wanting to crack a password is probably not that high.
Otherwise you do find plenty of people on YT walking you through hashcat. The first YT Video alone has 7 Million views: "how to HACK a password // password cracking with Kali Linux and HashCat"
I wish him luck, great drive to do this, i hope it works out well enough, books are just in general not easy to sell.
Uh, what?
I'd say that this is a bit relevant to the entire field of cyber security and a good chunk of development roles. If you're not concerned about how password hashing (which is a key component of understanding cracking) works as developer-- I'm not sure what to say. While not all of the in-depth research is probably needed. It's definitely relevant to many technical fields. I work in offensive security and we use tools like this daily in our industry. And no we are not cyber criminals.