Domain Password Audit Tool

GitHub - clr2of8/DPAT: Domain Password Audit Tool for PentestersGitHub

Domain Password Audit Tool (DPAT) is a tool that will create password statistics from password hashes and a cracked password file such as the hashcat.potfile file generated by Hashcat as it successfully cracks passwords.

DPAT is pretty straightforward to use:

dpat.py -n [ntds file] -c [crack file] <options>

## OPTIONS
-o [file]                           Output Filename
-g [file]                           Grouplists (ex. domain_admins)
-s                                  Partially Redact Passwords

Here is an example where I give DPAT an NTDS file, a hashcat.potfile file, and a domain_admins.txt file to generate password statistics:

dpat.py -n weelee.ntds -c hashcat.potfile -g domain_admins.txt

The users in the grouplists given to DPAT should be in the format DOMAIN\USER (e.g., weelee.zip\weelee)

PreviousPassword Cracking (hashcat)NextTMUX

Last updated 1 year ago