View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0003929 | Kali Linux | New Tool Requests | public | 2017-03-23 12:42 | 2020-02-11 16:56 |
Reporter | ins1gn1a | Assigned To | g0tmi1k | ||
Priority | normal | Severity | feature | Reproducibility | N/A |
Status | closed | Resolution | won't fix | ||
Summary | 0003929: Pwdlyser - Password Analysis and Reporting Tool: Pwdlyser | ||||
Description | Name: Pwdlyser Furthermore, there are three separate output displays depending upon the requirement:
This tool is regularly used for penetration testing engagements, and has been invaluable for providing detailed information for clients. Additionally, there are some other features, such as the -w (wordlist clean) argument, that provide penetration testers to be able to 'clean' a wordlist for reuse in password cracking wordlist inputs. This is often used during engagements, and has had a positive result in providing a small percentage of additional passwords being cracked just by using the same list. | ||||
Additional Information | The available input arguments are as follows: --all, -A Run all standard tests. Can be combined with -o [org-name], --summary, --admin [path] --admin ADMIN_PATH Import line separated list of Admin usernames to check -c, --common Check against list of common passwords --char-analysis Perform character-level analysis --date Check for common date/day passwords -e, --entropy Output estimated entropy for the top 10 passwords (by --exact EXACT_SEARCH Perform a search using the exact string. -f FREQ_ANAL, --frequency FREQ_ANAL -fl FREQ_LEN, --length-frequency FREQ_LEN -k, --keyboard-pattern -l MIN_LENGTH, --length MIN_LENGTH -m, --mask Perform common Hashcat mask analysis -mc MASKS_RESULTS_COUNT, --mask-count MASKS_RESULTS_COUNT -o ORG_NAME, --org-name ORG_NAME -oR Output format set for reporting with "- " prefix -p PASS_LIST, --pass-list PASS_LIST -S BASIC_SEARCH, --search BASIC_SEARCH -s, --shared Display any reused/shared passwords. -u USER_SEARCH, --user USER_SEARCH -up, --user-as-pass Check for passwords that use part of the username -w, --clean-wordlist Enable this flag to append cleaned (no trailing --summary Use --summary to provide a concise report-friendly An example of a command to provide detailed information for a report-friendly format would be: This output could then be fed straight in to a penetration test report, albeit with minor tweaks should it be required for post-analysis. The github readme examples do require a further update, as the output has changed slightly since its initial inception. However, this will be done over the next few weeks to reflect the current state of the tool. | ||||
To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):
|
|
|
|
Project now 404's |
|
Date Modified | Username | Field | Change |
---|---|---|---|
2017-03-23 12:42 | ins1gn1a | New Issue | |
2018-01-29 14:16 | g0tmi1k | Summary | Password Analysis and Reporting Tool: Pwdlyser => Pwdlyser - Password Analysis and Reporting Tool: Pwdlyser |
2018-01-29 14:16 | g0tmi1k | Note Added: 0008343 | |
2018-01-29 17:12 | ins1gn1a | Note Added: 0008539 | |
2020-02-11 16:56 | g0tmi1k | Note Added: 0012249 | |
2020-02-11 16:56 | g0tmi1k | Assigned To | => g0tmi1k |
2020-02-11 16:56 | g0tmi1k | Status | new => closed |
2020-02-11 16:56 | g0tmi1k | Resolution | open => won't fix |