Proactive Password Auditor
Proactive Password Auditor is a password security test tool that's designed to allow Windows Vista, Windows 2003, Windows XP, Windows 2000 and Windows NT-based systems administrators to identify and close security holes in their networks. Proactive Password Auditor helps secure networks by executing an audit of account passwords, and exposing insecure account passwords. If it is possible to recover the password within a reasonable time, the password is considered insecure. The software supports a few different methods of obtaining password hashes for further attack/audit: from dump files (generated by 3rd party tools like pwdump), Registry of local computer, binary Registry files (SAM and SYSTEM), memory of local computer, and memory of remote computers (Domain Controllers), including ones running Active Directory. It can use brute-force and dictionary attacks on LM and NTLM password hashes, effectively optimized for speed.