Skip to content
Avatar
💭
:cheeeeeese:
💭
:cheeeeeese:

Organizations

@hashcat @ALPCA-org
Block or Report

Block or report roycewilliams

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
roycewilliams/README.md

Hi there 👋

I'm Royce Williams. Information security by day, security research as Tech Solvency after hours. I live in Anchorage, Alaska with my family.

I am a public-interest technologist at heart. I believe that the keepers and operators of technology and data should first do no harm (though second-order effects mean trade-offs - for example, a surgeon does some "harm" cutting into a patient, for the patient's own good).

Most of my GitHub work centers around password cracking, including some feature requests, docs, UX, and minor housekeeping work on hashcat. I have been a member of Team Hashcat (hashcat's password-cracking competition group) since 2016. I also collaborate with other teams and groups.

A more thorough bio with links to projects and research is here.

And a special shout-out to my Alaskan security colleague ak_hepcat! Lots of fun stuff in his repos.

Pinned

  1. An archive of descrypt hashes for common non-personal passwords

    Shell 16 6

  2. 1
    # roycewilliams / tychotithonus GitHub starred
    2
    ## https://gist.github.com/roycewilliams/b17feea61f39a96d75031930180ef6a6
    3
    ## Last updated: 2022-04-23
    4
    ## NOTE: gists sometimes disappear; also see commit history.
    5
    * https://github.com/003random/003Recon
  3. 1
    #------------------------------------------------------------------------------
    2
    # Top 20K hashes from the Troy Hunt / haveibeenpwned Pwned Passwords list v2 (2018-02-21)
    3
    #    with frequency count and cracked plaintext passwords
    4
    #
    5
    # The latest version of this file can be found here:
  4. 1
    # Client-side software update verification failures
    2
    Exploitable vulnerabilities in client-side software update mechanisms that could have been mitigated by secure transport (TLS). Contributions welcome. All text taken from the vulnerability descriptions themselves, with additional emphasis mine. 
    3
    
                  
    4
    ## In scope:
    5
      * I consider exploitation or privilege escalation of the package tool/system itself (that would have been mitigated by secure transport) to be in scope. 
  5. Crude scripts for building modern WHOIS configs (whois.conf, jwhois.conf ...) using IANA TLD info, with data snapshots.

    HTML 14 3

  6. 1
    #-----------------------------------------------------------------------------
    2
    # bcrypt hashes for the plain 'password', costs 4 through 31, and how much 
    3
    # time it took to generate the hash on a reference system (CPU).
    4
    #-----------------------------------------------------------------------------
    5
    #

210 contributions in the last year

Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Mon Wed Fri

Contribution activity

August 2022

Created 2 commits in 1 repository
Created 1 repository

Created an issue in dizcza/docker-hashcat that received 2 comments

feature request: dynamically update PCI IDs

To better support frameworks that report GPU device names, it would be useful for the /usr/share/misc/pci.ids file to be dynamically updated on build:

2 comments
Opened 3 other issues in 3 repositories
hashcat/hashcat 1 open
Sc00bz/bscrypt 1 open
atoponce/webpassgen 1 open
4 contributions in private repositories Aug 5 – Aug 12

Seeing something unexpected? Take a look at the GitHub profile guide.