PL

PASSWORDLAB

GPU Cracking Simulator · SOC Training Edition

Live Simulation Environment

How fast could a GPU cluster break your password?

PasswordLab simulates real-world password cracking using actual entropy math and industry hash-rate benchmarks — dictionary attacks, mask attacks, brute force and rainbow tables — against MD5, SHA-256, bcrypt, Argon2 and more. Built for learners, red teamers, and SOC analysts who need to understand attacker math, not just theory.

0
Passwords Analyzed
0
Simulated Cracks
0
GH/s Cluster Peak
0
Leak DB Entries
Cluster Status: IDLE
CPU Load4%
Temp38°C
Power Draw65W
Why This Exists

Most people think "P@ssw0rd123!" is strong because it has a symbol and a number. It isn't. This lab shows the real math attackers use — entropy, keyspace, and hash-rate — so the danger becomes visible instead of theoretical. Everything here runs 100% client-side. Nothing you type is ever sent anywhere.

Modes Available

Beginner — single GPU, teaches the basics.
Advanced — 8-GPU rig, dictionary + mask attacks.
Enterprise — 64-GPU cloud cluster, full keyspace brute force.
SOC Mode — flips perspective: watch the SIEM detect and alert on the attack in real time.

Password Strength Analyzer
Strength
8+ chars Uppercase Lowercase Digit Symbol Not Common Word No Repeats/Sequences
0.0
Bits of Entropy
0
Charset Size
0
Length
0
Possible Combinations

Entropy is estimated using charset-based Shannon approximation: length × log2(charset size). Dictionary-based or pattern-based passwords are flagged separately since real attackers guess these first, regardless of raw entropy.

Crack Time Estimates (Single GPU → Cloud Cluster)
AlgorithmSingle GPU8-GPU Rig64-GPU Cloud

Note: this table assumes the password isn't already leaked. Check the Leak Check tab — leaked passwords are cracked in under a second regardless of entropy, since attackers try known-breached passwords before brute force.

Attack Configuration
Beginner
1 GPU
Advanced
8-GPU Rig
Enterprise
64-GPU Cloud
SOC Mode
Blue Team

All hashing and math is simulated client-side using published hardware benchmark figures — no real hashes are computed or transmitted.

Console Output
root@passwordlab:~# awaiting attack launch
0% completeETA —
3D GPU Cluster Visualization
Aggregate Hash Rate0 MH/s
Avg Temp35°C
Total Power120W
Leaked Password Database Check

Checked against a bundled offline list of the most common breached and predictable passwords (patterns, keyboard walks, top leaked passwords worldwide). For a live check against the full HaveIBeenPwned Pwned Passwords database (~900M+ entries via k-anonymity range API), wire up the optional HIBP integration in config.js — disabled by default so this page stays 100% offline and privacy-safe.

Hash Algorithm Reference & Relative Speed
Session History
No analyses yet this session. Try the Analyzer or Attack Console.