GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → AdrianVollmer → Crack-O-Matic

AdrianVollmer / Crack-O-Matic

Licence: MIT license
Find and notify users in your Active Directory with weak passwords

Programming Languages

python
139335 projects - #7 most used programming language
HTML
75241 projects
javascript
184084 projects - #8 most used programming language
CSS
56736 projects
Jinja
831 projects

Labels

flaskactive-directoryjohn-the-ripperhashcatblueteamcracking-hashes

Projects that are alternatives of or similar to Crack-O-Matic

ad-privileged-audit
Provides various Windows Server Active Directory (AD) security-focused reports.
Stars: ✭ 42 (-52.81%)
Mutual labels:  active-directory, blueteam
cracke-dit
cracke-dit ("Cracked It") makes it easier to perform regular password audits against Active Directory environments.
Stars: ✭ 102 (+14.61%)
Mutual labels:  active-directory, hashcat
BTPS-SecPack
This repository contains a collection of PowerShell tools that can be utilized to protect and defend an environment based on the recommendations of multiple cyber security researchers at Microsoft. These tools were created with a small to medium size enterprise environment in mind as smaller organizations do not always have the type of funding a…
Stars: ✭ 33 (-62.92%)
Mutual labels:  active-directory, blueteam
Logontracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
Stars: ✭ 1,914 (+2050.56%)
Mutual labels:  active-directory, blueteam
hashcat-wpa-server
Hashcat WPA/WPA2 server
Stars: ✭ 26 (-70.79%)
Mutual labels:  hashcat, cracking-hashes
Cypheroth
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (+101.12%)
Mutual labels:  active-directory, blueteam
Plumhound
Bloodhound for Blue and Purple Teams
Stars: ✭ 452 (+407.87%)
Mutual labels:  active-directory, blueteam
password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+95.51%)
Mutual labels:  hashcat, cracking-hashes
adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin?
Stars: ✭ 862 (+868.54%)
Mutual labels:  active-directory, blueteam
Disruption
Terraform script to deploy AD-based environment on Azure
Stars: ✭ 34 (-61.8%)
Mutual labels:  active-directory
agent
hashtopolis.org
Stars: ✭ 19 (-78.65%)
Mutual labels:  hashcat
PowerShell-WindowsAdmin
A collection of scripts I've created over the years to administer things.
Stars: ✭ 35 (-60.67%)
Mutual labels:  active-directory
BLUELAY
Searches online paste sites for certain search terms which can indicate a possible data breach.
Stars: ✭ 24 (-73.03%)
Mutual labels:  blueteam
smbaudit
Perform various SMB-related attacks, particularly useful for testing large Active Directory environments.
Stars: ✭ 31 (-65.17%)
Mutual labels:  active-directory
adsys
Active Directory bridging tool suite
Stars: ✭ 80 (-10.11%)
Mutual labels:  active-directory
PSSystemAdministrator
A PowerShell module for managing users and computers and gathering information in a Windows Active Directory environment.
Stars: ✭ 59 (-33.71%)
Mutual labels:  active-directory
1earn
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+4074.16%)
Mutual labels:  blueteam
aspnet-core-ad-authentication
ASP.NET Core Active Directory authentication use LDAP
Stars: ✭ 21 (-76.4%)
Mutual labels:  active-directory
ucsunivention
⚫ Curso GRÁTIS SAMBA-4 UCS Univention Core Free 5.x Domain Controller Active Directory Open Source
Stars: ✭ 29 (-67.42%)
Mutual labels:  active-directory
ldap2json
The ldap2json script allows you to extract the whole LDAP content of a Windows domain into a JSON file.
Stars: ✭ 56 (-37.08%)
Mutual labels:  active-directory
View All Similar Projects ➔

Crack-O-Matic

Find and notify users in your Active Directory with weak passwords.

Features:

  • Linux-based
  • Flask-based web app
  • Hashcat or John cracker
  • Automated e-mails
  • Graphical reports
  • Privacy preserving

Read the docs for more information.

Screenshots

Report 1

Report 2

Tests

If you're a developer and want to run the tests, you need to edit tests/.env and define the following variables according to your environment:

# path to `john` binary
JOHN_PATH=/opt/john/run/john
# path to `hashcat` binary
HASHCAT_PATH=/usr/bin/hashcat
# FQDN of a test domain
DOMAIN=crack.local
# name of one of its domain admins
DOMAINUSER=Administrator
# domain admin password
DOMAINPASS=
# FQDN of a domain controller in the test domain
HOST=localdc.crack.local

If you don't have a test domain, you can use the docker-compose file in tests/docker to run a Samba DC (docker-compose run --service-ports dc). Inside the file you will find the values you need. You should also create an entry for the FQDN in your /etc/hosts.

License and Copyright

MIT, Copyright 2021 Adrian Vollmer

See LICENSE for the full license text.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].