Lil-Pwny: Offline auditing of Active Directory passwords against HIBP

I don’t know about the capability of DSInternals, having never used it. I agree that a C# may well be quicker, but Python is what I mainly know so its what I stuck with. It does implement multiprocessing to speed things up, the more resources you have, the quicker it runs. I have been running it on an 80 core cloud instance and it checks around 7000 accounts against the 550 million HIBP hashes in around 45 minutes.

Thanks to the Courtesy of :

https://www.reddit.com/r/netsec/comments/eo9nmr/lilpwny_offline_auditing_of_active_directory/

Leave a Reply