Today it is possible to find Rainbow Tables on the web which are the fruit of a long collaboration. These tables can weigh several hundred GOs and describe spaces containing up to every possible combination of ASCII characters from length 1 to 8. The major drawback of these “classic” tables is that the spaces of the passwords searched increase exponentially with the length of the passwords. As a result, the odds of currently reaching 9 characters is highly unlikely. Thus, tables based on dictionaries as well as so-called “hybrid” tables started to emerge in 2007 and 2008. The purpose of these two methods is to reduce the size of the space used by the candidate passwords while maintaining a high success rate. Up to now, such variations were the only public implementations which attempted to improve the pertinence of the spaces covered by rainbow tables.

For its own needs as a pentesting company LEXSI developed crackNfast. CrackNfast is the first known public piece of software to implement statistical password-guessing technics within the context of rainbow tables. The results of this tools are way superior to those of classical rainbow tables, and the potential for improvement is even bigger.