Skip to content

login-securite/conpass

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ConPass

PyPI version PyPI Statistics Twitter

Python tool for continuous password spraying taking into account the password policy.

Associated blogposts

Chapters Description
Warning Before using this tool, read this
Installation ConPass installation
Usage ConPass usage

Warning

Although I have made every effort to make sure the tool get the correct password policy, there can be some password policy settings that are not taken into account by the tool, which may lead to accounts lockout.

Installation

conpass works with python >= 3.7

pip (Recommended)

python -m pip install conpass

From source for development

python setup.py install

Usage

conpass will get all domain users and try a list of password provided in a password file. When a user can be locked out, the tool will wait for the lockout reset period before trying another password.

conpass -d domain -u pixis -p P4ssw0rd -P /tmp/passwords.txt

All passwords and NT hashes provided in /tmp/passwords.txt will be added to a testing Queue, and will be tested against all users, whenever it is possible without locking users out.