Open source domain user weak password detection Tool

Many http://www.aliyun.com/zixun/aggregation/1698.html "> large and medium-sized enterprises are using domain to manage the company's computers, both convenient and labor-saving, while there are many systems with domain accounts to do logon verification, its importance is serious." From the point of view of infiltration, if you get a domain user's account is equivalent to the company's intranet door has been opened.

For the above reasons, I wrote this program to test the company domain account, the effect is very good, so recommend to everyone.

Development environment:. NET Framework 4.0 (of course, you can also change to other frameworks)

How to use:

First, set the LADP parameters in the AD.cs (people are too lazy, not made into a configurable form)

General user information.

After the program is authenticated by LDAP, all domain user logins are automatically crawled.

II. Create Pass.txt (dictionary) in the directory where the program is located, use {u} to automatically use user padding (for example, username admin, use {u}@123, use admin@123 as password to try to log in)

Third, the program uses the multithreading technology, the speed is very fast, after the scan completes will create the Result.txt in the program root directory, displays the scanning result.

If you use intranet penetration test, the effect is very good, if you are not afraid of being checked water meter.

To get an effect picture: