I have no intention on updating this tool. Feel free to fork/clone, edit and share.
DPA is a Windows Domain user/password analyzer and a visualizer assessment. This is a web based service that takes the following files as input:
- Windows NTDS
- Password file (Cracked NTDS) or
- Windows NTDS
- Hash Password file (Hashcat output)
The results are disaplayed into detailes in a web interface.
Features:
- Domain user information (number of users, suspicious names in use...)
- NTLM and LM in use
- Detailed cracked passwords
- Which accounts have been hacked
- Python 2.7
- Flask (http://flask.pocoo.org/)
# git clone https://github.com/danTaler/Domain-Password-Analyzer.git
# cd Domain-Password-Analyzer
# ./run.pyNavigate to the: http://x.x.x.x:8889
- The Windows NTDS should be your PwDump style format.
- user:id:lm:ntlm:::
- The Password file should be your file containing passwords only.
- password1
- password2
- password3
- The Hash Password file should be a file containing hashes following by passwords. Similar to hashcat output or its .pot file:
- 872BFACBE774904406D0D250B89AAD0C:some_pass
- C0A9E41E3A55882283358449B915CD9B:another_pass
Apache LICENSE-2.0 https://www.apache.org/licenses/LICENSE-2.0