Skip to content

Logan722/password-security-labs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
docs
docs
 
 
screenshots
screenshots
 
 
README.md
README.md
 
 

Repository files navigation

Password Security & System Hardening Labs

Security John the Ripper Rainbow Tables Windows Security

Overview

A collection of hands-on labs focused on password security analysis, cracking techniques, malware defense, and system hardening. These exercises demonstrate both offensive techniques (to understand attacker methodologies) and defensive measures (to protect systems from compromise).

Skills Demonstrated

  • Password Cracking — Understanding hash algorithms and cracking methodologies
  • Rainbow Table Attacks — Pre-computed hash lookup techniques
  • Physical Security Analysis — USB keylogger attack investigation
  • Malware Defense — Identifying and mitigating malware threats
  • System Hardening — Implementing security policies and controls
  • Policy Configuration — Group Policy and account security settings

Tools & Techniques Used

Tool/Technique Purpose
John the Ripper Password hash cracking (Linux/Windows)
Rainbow Tables Pre-computed hash tables for rapid cracking
rtgen / rtsort / rcrack Rainbow table generation and cracking
Windows Security Policy Local security policy configuration
Group Policy Editor Enterprise policy enforcement

Labs Included

1. System Hacking Lab

  • Password cracking with John the Ripper
  • Rainbow table attacks for hash cracking
  • USB keylogger attack analysis
  • Windows security policy configuration

2. Malware Lab

  • Malware identification and analysis
  • Understanding malware behavior and indicators
  • Malware mitigation strategies

3. Malware Defense Lab

  • Defensive strategies against malware
  • System protection mechanisms
  • Incident response procedures

Repository Structure

password-security-labs/
├── README.md
├── docs/
│   ├── System Hacking Lab.docx
│   ├── Malware Lab.docx
│   └── Hands_On_Lab_Malware_Defense.docx
└── screenshots/
    └── [Lab screenshots]

Key Topics Covered

Password Cracking Techniques

  • Dictionary attacks
  • Brute-force attacks
  • Rainbow table attacks
  • Hash extraction and cracking

USB Keylogger Analysis

  • Physical security threats
  • Data exfiltration techniques
  • Countermeasures and detection

Windows Security Policy Configuration

Policy Setting
Minimum Password Length 10+ characters
Password Expiration 30 days
Password History Remember last 4 passwords
Complexity Requirements Enabled
Account Lockout Threshold Configured
Audit Logging Enabled

Key Takeaways

  • Offensive Understanding: Know how attackers crack passwords to build better defenses
  • Defense in Depth: Strong passwords alone aren't enough — need lockout policies, MFA, and monitoring
  • Physical Security Matters: Keyloggers and rogue USB devices bypass all password complexity
  • Policy Enforcement: Group Policy provides scalable security across enterprise environments
  • Malware Awareness: Understanding malware behavior is crucial for effective defense

Author

Daniel Oni
M.S. Cybersecurity — Southern Methodist University
LinkedIn | GitHub

This repository documents hands-on security lab work. All testing was performed in controlled, authorized lab environments for educational purposes.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors