What is Cryptbreaker?
Cryptbreaker is a tool written for the primary purpose of allowing security professionals to better understand the risks associated with their Active Directory (AD) environment configuration. Risks associated with AD environments can take many forms but by looking at issues commonly exploited by attacker we hope to provide a way to proactively identify and raise awareness around these issues.
Some sample attacker tactics include:
- Abuse of weak GPO permissions
- Password Spraying Attacks
- Kerberoasting
- Abuse of Old/Non-expiring Passwords
- And the list goes on…
With the early versions of Cryptbreaker we seek to allow organizations to more effectively audit the strength of passwords in their environment, since many attacks commonly abuse the ability to guess or crack bad passwords. Future releases will be adding additional analysis and alerting around other AD issues.
Since password cracking is not something that defenders typically expected to do Cryptbreaker seeks to make cracking and analyzing results simple and affordable. Additionally, password auditing traditionally has the draw back of revealing plaintext secrets to the group performing cracking by utilizing modern cloud infrastructure Cryptbreaker allows defenders to perform password audits without requiring dedicated hardware or exposing plaintext secrets to human eyes: just audit and get results without compromising password data.