168 Open source projects that are alternatives of or similar to Password_pwncheck

Deploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately 🔥

Deploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts

Check your keepassxc database against previously breached haveibeenpwned passwords

ASP.Net MVC with Active Directory Authentication using Owin Middleware

🙏 Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.

AD Security Intrusion Detection System

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Password-strength validator for Symfony

Directory Services Internals (DSInternals) PowerShell Module and Framework

GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.

Open source solution to check prospective AD passwords against previously breached passwords

An Android library which makes checking the quality of user's password a breeze.

RedSnarf is a pen-testing / red-teaming tool for Windows environments

See if your passwords in pass has been breached.

The DNN Azure Active Directory Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory OAuth2 authentication to authenticate users.

DLL Password Filter Implant with Exfiltration Capabilities

OSINT Tool for Finding Passwords of Compromised Email Addresses

A repository of tools for pentesting of restricted and isolated environments.

A Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440)

A Vue.js password input component that includes a toggle to show the password and a customizable strength meter.

Public PowerShell script gallery for ScriptRunner.

A swiss army knife for pentesting networks

PowerShell functions and scripts (Azure, Active Directory, SCCM, SCSM, Exchange, O365, ...)

Building an Active Directory domain and hacking it

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Starter kit to quickly create ASP.NET Core with On-Premises Active Directory Authentication.

A toolkit of AD specific health checks that you can run in your environment to ensure your Active Directory is running optimally.

Utilities for working with the Pwned Passwords database from Django.

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Active Directory provider for HashiCorp Terraform (experimental)

Port of Dropbox's zxcvbn password strength library for Rust

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

A tool to help query AD via the LDAP protocol

LDAP auth plugin for verdaccio

Password Validator & Strength Evaluator

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.

A Laravel 5.1 package that first tries to log the user against the internal database if that fails, it tries against the configured LDAP/AD server.

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.

PingCastle - Get Active Directory Security at 80% in 20% of the time

Check if your lastpass passwords have been pwned by someone

Modern tactical exploitation toolkit.

Symfony Password strength and blacklisting validator bundle

A script for advanced discovery of Privileged Accounts - includes Shadow Admins

A library to check for compromised passwords

Provision a brand-new company with proper defaults in Windows, Offic365, and Azure

Bonobo Git Server for Windows is a web application you can install on your IIS and easily manage and connect to your git repositories. Go to homepage for release and more info.

Bloodhound for Blue and Purple Teams

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Simple Have I Been Pwned checker for KeePass

Multi Vagrant environment with Active Directory

(l)user hunter using WinAPI calls only

Don't let your user be a victim of their own action

Very simple web interface for changing password stored in LDAP or Active Directory (Samba 4 AD).

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Know the dangers of credential reuse attacks.

Fast, offline auditing of Active Directory passwords using Python.