Thycotis Weak Password Finder and Microsoft Advanced Threat Analytics

Thycotic made a free tool available to check for bad password in Active Directory

UNCOVER YOUR MOST VULNERABLE SECURITY GAPS: FREE WEAK PASSWORD FINDER FOR ACTIVE DIRECTORY

https://thycotic.com/solutions/free-it-tools/

If we dig into the about file

The core functionality of this product has been inspired by Jakob Heidelberg https://www.linkedin.com/in/heidelberg and developed by Michael Grafnetter https://www.linkedin.com/in/grafnetter.

We can see where the inspiration and development came from , and thank you to Thycotic for making this tool available for free

This is just a quick drill through with the detection from Advanced Threat Analytics

Running on a member server pointing to DC and Domain

Using the overpowered administrator i have logged on with

and ready to scan

Looking through all AD objects

And reporting time

Something very pretty to present to security/management

with 26 items on the todo list to fix

and to the point of the post , Microsoft Advanced Threat Analytics catches the non standard replication

When time permits further digging in the tool , for production enviroment i would always run this in a restored domain controller without network access even though i trust the people involved in this