To access the Internet fit almost any network adapter. Even when testing web applications, we rarely run into network card bandwidth limitations. Most often, slowdowns are related to the response speed of the tested server/website, DoS/anti-brute force protection, lack of RAM on the pentester`s computer, insufficient Internet bandwidth, etc.

Contents

Best laptops for hacking Money: Master the game
Only when using one program did I encounter a lack of RAM…

Let's start with the good news - for penetration testing, hacking, any average computer will do. If you decide to get into a new hobby or learn computer security (very useful for web application programmers, and everyone else who would not like to become a victim of hackers), then you do not need to go to the store for a new computer.

However, there are a few things you can consider when choosing a new computer that will become your Best laptops for hacking and allow you to be more efficient at certain tasks.

Desktop or laptop?

A desktop computer has many advantages: it's more powerful, it's cheaper, it's easier to upgrade and repair, it has a better keyboard, more ports, a bigger screen, and more. And only one drawback - the lack of mobility. If you are not faced with the task of going to objects, and in general you are just learning, then a desktop computer will be preferable.

Video card for pentester

We need a video card, of course, not for games. We need it to enumerate hash sums (hashes). A hash is the result of processing data using a special algorithm (hash function). Their feature is that the same data has the same hashes. But it is impossible to recover the original data from a hash. This is especially common, for example, in web applications. Instead of storing passwords in the clear, most websites store hashes of those passwords. If you enter your username and password, then the website calculates a hash for the password you entered and compares if it matches the one saved earlier. If it matches, then you entered the correct password and get access to the site. What is all this for? Imagine that a hacker managed to gain access to the database (for example, through SQL injection) and he learned all the hashes on the site. He wants to log in as one of the users, but he cannot - the website requires a password, it does not accept hashes.

You can recover a password from a hash, for example, by brute force (there are also rainbow tables, but now they are not about them, and their essence comes down to the same thing - calculating hashes for password candidates). We take a password candidate, for example, "superbit" we calculate the hash sum for it, compare it with the existing hash sum - if they match, then the password for the user is "superbit", if not, we take the next password candidate, for example, “dorotymylove”, we calculate the hash sum for it, compare it with the one that we learned from the site database, if it matches, then we have learned the password, if not, we continue further.

This operation (enumeration of hashes) can be done using the central processor, there are many programs that can do this. But it was noticed that it is much faster to iterate over hashes using a video card. Compared to the CPU, the use of the GPU increases the speed of enumeration by tens, hundreds, thousands or more times! Naturally, the faster the hashes are crawled, the more likely it is to bring a successful hack closer.

Popular graphics cards are AMD, GeForce and Intel HD Graphics. From Intel HD Graphics it is not always possible to get a sense, they are not very powerful and they are not bought separately - so we will not dwell on them much.

The main choice is between AMD and GeForce. GeForce video cards are much more popular. They have proven themselves in games, they have a huge army of fans. But AMD is better suited for iterating hashes, no matter how upset GeForce fans are. AMD video cards from the middle price category show about the same results as GeForce video cards from the top category. Those. instead of one top-end GeForce, you can buy 2 AMD cheaper and get a faster hash brute force.

I rethought this moment. Comparing the data from this table and the prices in online stores, I came to the conclusion that there is no difference. Top-end GeForces are more than twice as powerful as top-end Radeons. And the price is about twice as high. Plus, be aware that AMD drivers have a very painful relationship with most Linux distributions. Currently, hashcat on Linux only supports AMDGPU-Pro, which only supports new graphics cards. And even if you plan to buy a computer with a new AMD graphics card, then first check out the list of supported Linux distributions - it is short, it is quite possible that your OS is not there.

In general, perhaps once Radeon was really better than GeForce for password brute force, once AMD drivers were installed in Linux with one command, but now this is not the case. If now I were building a computer or buying a laptop, I would choose models with GeForce.

Iteration of hashes will be required:

  • when testing for penetration of web applications (sometimes);
  • when hacking Wi-Fi (almost always);
  • when cracking the password of encrypted disks, wallets, files, password-protected documents, etc.) (always).