Hashcat is a great, free tool competing head to head with the tools we make. We charge several hundred dollars for what, in the end, can be done with a free tool. What are the reasons for our customers to choose ElcomSoft products instead of Hashcat, and is the expense justified? We did our best to compare the two tools to help you make the informed decision.

Remember the good old times when there was a lot of applications with “snake oil” encryption? You know, the kind of “peace of mind” protection that allowed recovering or removing the original plaintext password instantly? It is still the case for a few “we-don’t-care” apps such as QuickBooks 2021, but all of the better tools can no longer be cracked that easily. Let’s review some password recovery strategies used in our software today.

Today, we have an important date. It’s been 13 years since we invented a technique that reshaped the landscape of modern password recovery. 13 years ago, we introduced GPU acceleration in our then-current password recovery tool, enabling the use of consumer-grade gaming video cards for breaking passwords orders of magnitude faster.

Criminals are among the most advanced users of modern technology. They learned how to hide information in their smartphones and how to encrypt their laptops. They communicate via secure channels. Their passwords never leak, and they do their best to leave no traces. Forensic investigators encounter new challenges every other day. In this article, we will discuss yet another tool used by the criminals to cover their traces: the encrypted virtual machine.

We all have habits. Morning coffee (no sugar, just some milk), two eggs (sunny side up), reading mail wile you are not completely awaken, and a lot more. We all follow some kind of rules we have set for ourselves. We all have some favorites: names, cities and even numbers; maybe an important date or place. Can we exploit people’s habits to break their passwords effectively instead of using brute force? We can, and here’s the how-to.

Virtual machines use a portable, hardware-independent environment to perform essentially the same role as an actual computer. Activities performed under the virtual umbrella leave trails mostly in the VM image files and not on the host computer. The ability to analyze virtual machines becomes essential when performing digital investigations.

Making tools for breaking passwords, I am frequently asked whether it’s legal, or how it works, or what one can do to protect their password from being cracked. There are people who have “nothing to hide”. There are those wearing tin foil hats, but there are a lot more people who can make a reasonable effort to secure their lives without going overboard. This article is for them.

LUKS encryption is widely used in various Linux distributions to protect disks and create encrypted containers. Being a platform-independent, open-source specification, LUKS can be viewed as an exemplary implementation of disk encryption. Offering the choice of multiple encryption algorithms, several modes of encryption and several hash functions to choose from, LUKS is one of the tougher disk encryption systems to break. Learn how to deal with LUKS encryption in Windows and how to break in with distributed password attacks.

The wide spread of full-disk encryption makes live system analysis during incident response a challenge, but also an opportunity. A timely detection of full-disk encryption or a mounted crypto container allows experts take extra steps to secure access to encrypted evidence before pulling the plug. What steps are required and how to tell if the system is using full-disk encryption? “We have a tool for that”.

There is a bit of confusion about our software designed to allow breaking into password-protected systems, files, documents, and encrypted containers. We have as many as three products (and five different tools) dealing with the matter: Elcomsoft Forensic Disk Decryptor (with an unnamed memory dumping tool), Elcomsoft System Recovery and Elcomsoft Distributed Password Recovery, which also includes Elcomsoft Hash Extractor as part of the package. Let’s briefly go through all of them. Hopefully it will help you select the right product for your needs and save time in your investigation.