Buying your data
Background When doing internal penetration tests or Active Directory assessments you will at one time or another obtain password hashes for accounts that require brute-force attacks or wordlist attacks to gain the plaintext passwords.
When in this situation, publicly leaked password databases can come in handy to get a sense of the password complexity and common passwords used by a company. Searching for the domain name of the company will give a glimpse of the password schema for the leaked accounts.
Posted by viksafe on Monday, July 26, 2021