2022 DPAT Roadmap Ideas (max, open)

knavesec commented on August 17, 2024
2022 DPAT Roadmap Ideas

from max.

Comments (5)

yellow-starburst commented on August 17, 2024
  1. Add the column "Password last changed" or "Pwd Last Set" to all the checks.
    Reason: that way you can use new BloodHound data to see if the account has been remediated, without retrieving new NTDS data.


yellow-starburst commented on August 17, 2024
  1. Add enabled column to the sheet:
    A. LM_Hashes_(Non-Blank)


yellow-starburst commented on August 17, 2024
  1. Remove Null NTLM hash from list
    I noticed that the null NTLM hash 31d6 shows up in a bunch of different sheets.


yellow-starburst commented on August 17, 2024
  1. Add check "computers cracked"
    All Windows hosts should have random long passwords. Sometimes an admin or perhaps an attacker may change the password. Attackers use this as persistence.

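An added example, not part of the original thread and not DPAT's own code: one way the proposed "computers cracked" check could work, assuming a secretsdump-style NTDS export (`domain\user:RID:LM:NT:::`) and a hashcat-style potfile (`hash:plaintext`). The function names and all sample lines are constructed for illustration.

```python
# Added example: "computers cracked" check over constructed sample data.
# NT hash of the empty password (the "31d6" hash mentioned in the thread).
NULL_NT = "31d6cfe0d16ae931b73c59d7e0c089c0"
EMPTY_LM = "aad3b435b51404eeaad3b435b51404ee"

# Constructed NTDS export lines (assumed format: domain\user:RID:LM:NT:::).
SAMPLE_NTDS = [
    rf"CORP\alice:1104:{EMPTY_LM}:8846f7eaee8fb117ad06bdd830b7586c:::",
    rf"CORP\WS01$:1105:{EMPTY_LM}:0f1e2d3c4b5a69788796a5b4c3d2e1f0:::",
    rf"CORP\FILESRV$:1106:{EMPTY_LM}:8846f7eaee8fb117ad06bdd830b7586c:::",
    rf"CORP\KIOSK$:1107:{EMPTY_LM}:{NULL_NT}:::",
]
# Constructed potfile line (assumed format: nthash:plaintext).
SAMPLE_POT = ["8846f7eaee8fb117ad06bdd830b7586c:password"]


def load_potfile(lines):
    """Map NT hash -> plaintext; the plaintext may itself contain ':'."""
    cracked = {}
    for line in lines:
        line = line.rstrip("\r\n")
        if ":" in line:
            nt, plain = line.split(":", 1)
            cracked[nt.lower()] = plain
    return cracked


def computers_cracked(ntds_lines, cracked):
    """Return (account, status) for machine accounts with a known password."""
    findings = []
    for line in ntds_lines:
        parts = line.strip().split(":")
        if len(parts) < 4:
            continue  # not an account line
        account, nt = parts[0], parts[3].lower()
        if not account.split("\\")[-1].endswith("$"):
            continue  # only computer accounts; users are covered elsewhere
        if nt == NULL_NT:
            findings.append((account, "blank password"))
        elif nt in cracked:
            findings.append((account, "cracked"))  # plaintext left out of report
    return findings


if __name__ == "__main__":
    for account, status in computers_cracked(SAMPLE_NTDS, load_potfile(SAMPLE_POT)):
        print(f"{account}\t{status}")
```

A healthy domain should produce no rows here, so any hit is worth checking against the account's password-last-set time.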

knavesec commented on August 17, 2024

I like some of these additions, so I'll see when I have time to sort them out.

Unless I'm misunderstanding #4, I probably won't do that, just for completeness. If there are users with null hashes, that's still part of AD, so IMO it should still be included. May address this in one of the improvements below.

Also for #3, I don't entirely see it as relevant? Enabled status doesn't make a huge difference: if you have the LM hash you can easily crack the password and just enable the user. IMO enable status doesn't really make a difference, and those should just be fixed anyways. Either way, doesn't take a ton to implement, but those are just my thoughts.

Additional things I'd like to add

  1. Graphs and charts
    For either report screenshots or just general ease of display, could include a pie chart of cracked vs not cracked, pie/bar chart for password lengths, etc.

  2. Include a filtering ability to the graphs so you can sort alphabetically, by hash, by pwd length, etc. Tried this a while ago, but ran out of time. This may address the null NTLM hashes thing from above, depending on level of filter ability.
