Modern business environments and offices often deploy networked PCs to ease workflow and enable faster data sharing. However, this can also lead to intrusion and DDOS attacks if not properly secured. Proactive Password Auditor is a password-auditing tool to check how the network withstands any form of attack from the external agents.
Proactive Password Auditor features a very simplified traditional interface with attack type selection, Hashing and brute forcing options and a list of observed clients and activity pane at the bottom. The top is resided by a menu bar and a large icon toolbar for various actions. To check for password security, Proactive Password Auditor uses password caches and rainbow tables to speed up the process. Further rainbow tables are notorious for breaking down password in minutes and hence its failure indicates strong password selection with very low probability of cracking. Account passwords can also be recovered in case it is forgotten – and can be easily recovered using rainbow tables. Network security thus can be determined by the time it takes for Proactive to recover passwords, and it carries out the password auditing in a limited frame of time and if the password is recoverable, then the passwords need to change into something stronger. Password recovery also supports EFS-encrypted files and folders as well. Attack types that can be performed are Brute Force, Mask based, Dictionary driven and Rainbow Table generation.
Also, Hashes can be retrieved from dump files (PWDUMP file), memory of local system, registry files (SAM, SYSTEM) or even memory of remote computer. The supported operating systems include Windows 2000, XP, Vista, 7, Server editions 2003 and 2008 and for both 32 and 64 bits versions.
On the Windows platform, there are a few tools available which provide similar functionality. Advanced Archive Password Recovery is one of them which employs similar methods to crack passwords and also supports multiple languages as well. There is also BruteForcer – which as the name suggests performs brute force attacks on networks to determine their strength but does not support other modes of attack as by Proactive Password Auditor. Cain and Abel is another tool for Windows which supports rainbow tables for password cracking and is thus extremely effective as performing various password attacks and recovery – which pits it identical to Proactive Password Auditor.
Proactive Password Auditor is a useful utility to have in order to test network security against impending attacks. The interface is simple enough and almost all attack modes are covered. It can also check in dump files for hashes and use rainbow tables for password recovery attacks. Apart from this, it also integrates well with other Proactive tools.
Proactive Password Auditor is product from Elcomsoft, which is headquartered in Moscow and established since 1990. Elcomsoft specializes in forensic and network admin tools. Their products include Elcomsoft Password Recovery Bundle, Forensic Suite for iOS, Phone Breaker, Wireless security auditor Forensic Disk Decryptor, Blackberry backup explorer and Elcomsoft phone viewer.
Write a review
You must be logged in to post a comment.