phyushin/Pwdlyser

Pwdlyser is an all encompassing security auditing tool. This repo serves as the open-source base for the new version of Pwdlyser (previously closed-source).

Pwdlyser

New repo for Public release

Pwdlyser (Password-Analyser) is a multi-functional analysis tool created to provide security professionals and organisations aiming to improve their security posture with the ability to easily review and analyse passwords from Active Directory domain accounts, databases, etc. The second was that it should be able to be used by security consultants and penetration testers to identify and target key-account passwords (such as Domain Admins), the most common Hashcat character password masks, and to provide an output for estimated entropy of the most common passwords within the list.

The result of this is a tool that provides a fantastic granular output and a simple report-ready format, both from a high level management summary and that of a more technical detail. The enterprise version also includes the ability to review dynamically-generated graphs and charts, relating to the key issues outlined within the results, along with an overarching review score, which can be used when performing regular audits to track and gauge improvements to securing the corporate password posture.

Builds

Releases

See the Releases page for the pre-compiled binaries.

Pwned Passwords API

Thanks to Troy Hunt for hosting this service - it makes a valued addition to Pwdlyser!

Packages Used

• https://github.com/Fody/Fody
• https://github.com/Fody/Costura
• https://github.com/Live-Charts/Live-Charts
• https://github.com/MaterialDesignInXAML/MaterialDesignInXamlToolkit