Password Complexity & Reuse Audit Tool

Weak and reused passwords are a persistent threat, especially after password dumps or internal audits. To help security teams make sense of cracked credential data, I’ve built the Cracked Password Complexity & Reuse Audit Tool that inspects cracked passwords for length, complexity, and reuse patterns. It generates a visual terminal report and an optional CSV export for deeper analysis.

The goal is simple: quickly transform a raw cracked credential list into actionable security insights.

Why It Matters

This tool bridges the gap between cracked password data and meaningful security metrics. It’s particularly useful for:

  • Red teams validating password strength post-engagement
  • Blue teams conducting password hygiene audits
  • SOC analysts assessing exposure after credential leaks
  • Pen testers producing visual, client-ready reports

In short, it’s a fast, transparent way to assess how bad the “human factor” really is inside a network.

Security Checks Performed

  • Password Length Enforcement
    Detects passwords shorter than the defined minimum (default: 7 characters).
  • Active Directory Complexity Validation
    Verifies whether each password meets typical AD complexity rules:
    • Lowercase letter
    • Uppercase letter
    • Numeric digit
    • Special character
  • Empty or Short Password Detection
    Highlights blank or undersized passwords.
  • Complexity Violations Report
    Lists accounts failing AD-style password policies.
  • Password Reuse Detection
    Groups users who share identical passwords — often the most critical finding.

Key Features

  • Interactive CLI — configurable minimum password length.
  • AD Complexity Checks — built-in validation logic.
  • Password Reuse Grouping — sorted by frequency for faster triage.
  • Data Masking — usernames and passwords partially masked (first 3 chars + asterisks).
  • Sorted Output — prioritizes enabled accounts.
  • Visual Terminal UI — colored box headers and aligned formatting for clarity.
  • CSV Export — saves structured results for post-audit review or reporting.
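
The length, complexity, reuse and masking rules listed above, sketched as an added Python example; this is not the tool's own code. The user:password input layout, the sample accounts, and the required_classes threshold (the page does not say how many of the four classes must be present) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample data; the "user:password" line layout is an assumption.
SAMPLE = """\
alice:Summer2024!
bob:Summer2024!
carol:abc
dave:
erin:password123
frank:Tr0ub4dor&3
"""

# The four character classes named in the complexity check.
CLASSES = {
    "lower": re.compile(r"[a-z]"),
    "upper": re.compile(r"[A-Z]"),
    "digit": re.compile(r"[0-9]"),
    "special": re.compile(r"[^A-Za-z0-9]"),
}

def mask(value, keep=3):
    """Show the first `keep` characters and replace the rest with asterisks."""
    return value[:keep] + "*" * max(len(value) - keep, 0)

def audit(text, min_length=7, required_classes=3):
    """Return (findings, reuse_groups); required_classes is an assumed knob."""
    findings, by_password = [], defaultdict(list)
    for line in text.splitlines():
        if ":" not in line:
            continue
        # Split on the first colon only, so passwords may contain ':'.
        user, password = line.split(":", 1)
        missing = [n for n, rx in CLASSES.items() if not rx.search(password)]
        issues = []
        if not password:
            issues.append("empty")
        elif len(password) < min_length:
            issues.append("short")
        if len(CLASSES) - len(missing) < required_classes:
            issues.append("complexity: missing " + ",".join(missing))
        if issues:
            findings.append((mask(user), mask(password), issues))
        if password:
            by_password[password].append(user)
    # Reuse groups sorted by how many accounts share the password (masked).
    groups = [(mask(p), sorted(u)) for p, u in by_password.items() if len(u) > 1]
    return findings, sorted(groups, key=lambda g: -len(g[1]))
```

With a three-character prefix left visible, a password of three characters or fewer is not hidden at all, so treat even the masked report as sensitive.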

Try It Out

First, clone or download the script. Next, run it on your cracked credential dump. You will instantly get a color-coded breakdown of your organization’s password posture.

Audit cracked credentials with confidence. Identify weak or reused passwords before attackers do.
