fgdump 1.5.0 and pwdump 1.5.0 Released!

Good day pen-test folks,

I am pleased to announce the release of pwdump6 1.5.0 as well as fgdump 1.5.0 at the following locations:


For those unfamiliar with the tools, allow me to briefly summarize.

pwdump6 is an updated version of the classic Windows password hash dumper pwdump3e. It has been updated to circumvent DEP which caused crashes on newer operating systems, and has also had several features added to make it more usable.

fgdump is a more powerful version of pwdump6 that performs cached credential dumps of a target host as well as stopping several brands of antivirus while the dumps are running. It is also fully multi-threaded and supports several means of targeting large numbers of hosts. I recommend using fgdump for most pen-test activities, as it has served us well over the past couple of years.

Version 1.5.0 of both programs takes advantage of some changes which makes them less likely to be detected by antivirus, at least as of today. This will be particularly helpful to those of you dealing with recent, more aggressive AV solutions. I have also updated the README file for pwdump6 to give some examples, as it seems some folks were having a hard time figuring out how to get started with it.

As always, I welcome feedback and suggestions, and am certainly willing to help you troubleshoot if you find yourself facing problems.



This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.