Last week I introduced our new Password Auditor, an internal project I’m working on here at Praetorian. Today, I’m back with a followup screencast that demonstrates one of its major features — Metasploit integration! If you missed the previous screencast, I recommend watching it to get a sense of the tool’s basic functionality.
As you’ll see in the video below, the integration includes a new Metasploit plugin which automates the process between password hash discovery and password hash cracking. As Metasploit populates its database with newly captured password hashes, the plugin will automatically upload those hashes to our Password Auditor for cracking! Options are also available that allow manual hash uploading and the ability to wait for scheduling instructions before cracking.
Feel free to let us know if you have any additional comments or feedback. So far the feedback on our first blog post has been excellent — Thank you!