Find enabled Active Directory users with bad passwords
Switch branches/tags
Nothing to show
Clone or download
Permalink
Failed to load latest commit information.
BadPasswords.txt Create BadPasswords.txt Oct 2, 2015
Get-bADpasswords.ps1 Update Get-bADpasswords.ps1 Oct 11, 2015
LICENSE Create LICENSE Oct 2, 2015
README.md Update README.md Oct 3, 2015

README.md

Get-bADpasswords

Compare password hashes of enabled Active Directory users with one or more lists of bad, weak or non-compliant passwords (e.g. hackers first guess in brute-force attack).

  • Multiple word lists can be used.
  • Can write log and CSV file output.
  • Must be excuted with 'Domain Admin' or 'Domain Controller' permissions (or the like).

Requires PS Module "DSInternals" to be present on executing host. Please follow install instructions from there.

Note: this script does not modify input from word lists, like switching to upper/lower case etc. Each word in wordlist is taken as-is. Use other tools to generate word lists if needed.

Enjoy! @JakobHeidelberg