|9 months ago||6 days ago|
|GNU General Public License v3.0 only||MIT License|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
#weakpass: Generador en línea para crear una lista de palabras 🔥
1 project | reddit.com/r/u_esgeeks | 23 Sep 2021
Security Cadence: Passphrases
5 projects | reddit.com/r/sysadmin | 31 Jan 2022
Load DSInternals Powershell Module (Install-Module DSInternals -Force OR https://github.com/MichaelGrafnetter/DSInternals
Auto Generate a String array I can then use in a "foreach" loop
2 projects | reddit.com/r/PowerShell | 30 Nov 2021
FYI, there's a PS module you can use to check passwords. Here's a link to some info about that: https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/Get-ADReplAccount.md
Weak AD Password Script
1 project | reddit.com/r/msp | 5 Nov 2021
Password Validation Tool
1 project | reddit.com/r/sysadmin | 26 Aug 2021
Verify new passwords are being used after they are changed.
1 project | reddit.com/r/sysadmin | 12 Aug 2021
Active Directory Audit - PingCastle?
4 projects | reddit.com/r/sysadmin | 3 Jul 2021
Using Powershell to determine AD user's password complexity
1 project | reddit.com/r/activedirectory | 17 Jun 2021
Any recommendations for a trustable script to scan for weak/bad windows passwords?
1 project | reddit.com/r/sysadmin | 24 May 2021
Use Michael Grafnetter's excellent DSInternals module along with the latest HIBP dump (in NTLM format). The scariest part is that it takes <5 minutes to compare your AD records against 613 million passwords.
What are some alternatives?
Password Compat - Compatibility with the password_* functions that ship with PHP 5.5
hashtopolis - Hashtopolis - A Hashcat wrapper for distributed hashcracking
dumb-password-rules - Shaming sites with dumb password rules.
ADRecon - ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
PowerSploit - PowerSploit - A PowerShell Post-Exploitation Framework
wpa2-wordlists - A collection of wordlists dictionaries for password cracking
Minimalistic-offensive-security-tools - A repository of tools for pentesting of restricted and isolated environments.
adfsmfa - MFA for ADFS 2022/2019/2016/2012r2
ad-password-protection - Active Directory password filter featuring breached password checking and custom complexity rules
BloodHound - Six Degrees of Domain Admin
PwnedPasswordsDLL - Open source solution to check prospective AD passwords against previously breached passwords
800-63-3 - Home to public development of NIST Special Publication 800-63-3: Digital Authentication Guidelines