It took me some time to get used to calling Jamie by the name “Katy,” but it is coming

Single factor authentication often the larger the target the quicker the compromise.

Find a page were login credentials are requested.

1. search-engine-manipulation (to find login pages and usernames)

using a companies name google search  to try and discover there e-mail structure as this is commonly used as a username. i.e search  (the .com can be replaced by any country in scope parameter .jp, .fr so on)
The results should show users internal email address  i.e

username = mark.exsample or

(50% of authentication complete)

After this search again using the found users e-mail address and look for any social network accounts and any other information. Befriending is common try and learn there partners names, dob, pets names.

2. cupp-common-user-passwords-profiler

Create the password file using this found information.


(100% of authentication complete)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s