EPISODE · Mar 15, 2018 · 15 MIN
7MS #301: CredDefense
from 7 Minute Security · host Brian Johnson
Intro CredDefense is a freakin' sweet tool from the fine folks at Black Hills Information Security that does some really nifty things: Password filter Lets say you use the out-of-the-box password policy that comes with Active Directory, and you want to change your password to Winter2017! - AD is gonna say "Yeah dude/dudette, go for it...it fits the bill!" But from an attacker's perspective we know this is bad - people love to pick bad seasonal passwords like Winter2017, Summer2019, etc. With CredDefense's password filter in the mix, any new password gets checked against an additional word list, and if there's a match found within, BAM!! - password rejected. Password audit Ok, so now are you curious who in your AD environment is already using crappy passwords like Winter2017? Load up the password audit feature, feed it a big wordlist like rockyou, and you'll be good to go in no time. ResponderGuard This is a nifty PowerShell tool that can jack with pentesters/attackers in your environment who are running the popular cred-stealing Responder tool. And what I especially appreciate from a blue team perspective is that if ResponderGuard catches Responder in use in the environment, it can stamp a log in the event log, which can then in turn generate an email if you're using something like WEFFLES (which we talked about recently) and the nifty WEFFLES email script my pal hackern0v1c3 put together here.
NOW PLAYING
7MS #301: CredDefense
No transcript for this episode yet
Similar Episodes
Jul 14, 2026 ·77m
Jun 20, 2026 ·31m
Jun 20, 2026 ·24m
Jun 20, 2026 ·42m
Jun 20, 2026 ·26m
Jun 20, 2026 ·22m