Domain Password Audit Tool

A tool to generate password usage statics in a Windows domain based on hashes dumped from a domain controller. The Domain Password Audit Tool (DPAT) is a python script that analyzes the hash information in combination with a list of cracked passwords output from a tool such as oclHashcat. The script generates an interactive HTML report containing complete details to help you understand password use in an environment and identify issues. An option to generate a sanitized version of the report is also included.

Example Summary Page of DPAT Report

Complete usage instructions and code are available on GitHub here: https://github.com/clr2of8/DPAT

_____

Want to see a demo of this in action? Check out Carrie’s webcast demo here.