CVE-2025-5484 SinoTrack GPS Receiver Weak Authentication

A username and password are required to authenticate to the central SinoTrack device management interface. The username for all devices is an identifier printed on the receiver. The default password is well-known and common to all devices. Modification of the default password is not enforced duri...

CVE-2021-44464

Vigilant Software Suite Mastermed Dashboard version 2.0.1.3 contains service credentials likely to be common across all instances. An attacker in possession of the password may gain privileges on all installations of this software...

Microsoft Exchange – Password Spraying

Outlook Web Access OWA portals typically are externally facing in order to allow users to get access to their emails from the Internet. This gives the opportunity to threat actors to use a common password against a valid list of usernames Password Spraying in order to get some initial access to t...

pwdlyser - Python-based CLI Password Analyser (Reporting Tool)

The 'pwdlyser' tool is a Python-based CLI script that automates the arduous process of manually reviewing cracked passwords during password audits following security assessments or penetration tests. There are likely some false positives/negatives, so please use at your own discretion. Installati...

Hob0Rules - Password cracking rules for Hashcat based on statistics and industry patterns

Password cracking rules for Hashcat based on statistics and industry patterns. The following blog posts on passwords explain the statistical signifigance of these rulesets: Statistics Will Crack Your Password Praetorian Password Cracking Rules Released Useful wordlists to utilize with these rules...

Factlink: Password Complexity very low.

There is only one rule which you have set that minimum characters should be 6. But you need to set robust rule for password quality. Because I was able to set my password 123456 which is really common and anyone can hack it. Recommendation - Provide robust rules including upper lower letters,...