fgdump

by fizzgig and foofus.net

fgdump is a Windows password auditing and recovery program for local accounts.

Operating system: Windows

Publisher: fizzgig and foofus.net

Antivirus check: passed

Report a Problem

Fgdump

Overview

Fgdump is an open-source, free-to-use password auditing software, developed by Foundstone Inc. It is used to crack Windows passwords using the Windows Security Accounts Manager (SAM) stored in the computer’s registry. Fgdump is capable of performing dictionary, brute-force, and hybrid attacks on SAM authentication databases.

Fgdump was created as a free alternative to other commercial password auditing software, such as L0phtCrack and Cain & Abel. It is designed to be used by security professionals who need to audit Windows passwords for security assessments.

fgDump provides a fast and easy way to extract Windows credentials from an active system.
Features:

Fgdump is a powerful, yet easy to use password auditing software. It offers a variety of features, including:

• Ability to crack Windows passwords using the Windows Security Accounts Manager (SAM) stored in the computer’s registry
• Support for dictionary, brute-force, and hybrid attacks
• Ability to generate reports in HTML format
• Ability to save cracked passwords to a text file
• Ability to audit passwords on remote computers
• Ability to audit multiple computers simultaneously
• Ability to audit passwords on a single computer
• Ability to audit passwords on a network
• Ability to audit passwords on multiple local accounts
• Ability to audit passwords on multiple domain accounts
• Ability to audit passwords on multiple groups
• Ability to audit passwords on multiple service accounts
• Ability to audit password strength
• Ability to audit password history
• Ability to audit password policies
• Ability to audit password expiration policies
• Ability to audit password complexity policies
• Ability to audit account lockout policies
• Ability to audit account disablement policies
• Ability to audit password reset policies
• Ability to audit password change policies
• Ability to audit password storage policies
• Ability to audit NTLM hashes
• Ability to audit Kerberos keys
• Ability to audit LM hashes
• Ability to audit cached domain credentials
• Ability to audit remote desktop credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to audit local user accounts
• Ability to audit domain user accounts
• Ability to audit local group accounts
• Ability to audit domain group accounts
• Ability to audit service accounts
• Ability to audit NTLM authentication
• Ability to audit Kerberos authentication
• Ability to audit LM authentication
• Ability to audit NTMLv2 authentication
• Ability to audit NTLMv2 authentication
• Ability to audit cached credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to audit account lockout policies
• Ability to audit password reset policies
• Ability to audit password change policies
• Ability to audit password storage policies
• Ability to audit NTLM hashes
• Ability to audit Kerberos keys
• Ability to audit LM hashes
• Ability to audit cached domain credentials
• Ability to audit remote desktop credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to audit local user accounts
• Ability to audit domain user accounts
• Ability to audit local group accounts
• Ability to audit domain group accounts
• Ability to audit service accounts
• Ability to audit NTLM authentication
• Ability to audit Kerberos authentication
• Ability to audit LM authentication
• Ability to audit NTMLv2 authentication
• Ability to audit NTLMv2 authentication
• Ability to audit cached credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to generate HTML reports
• Ability to save cracked passwords to a text file
• Ability to audit passwords on remote computers
• Ability to audit multiple computers simultaneously
• Ability to audit passwords on a single computer
• Ability to audit passwords on a network
• Ability to audit passwords on multiple local accounts
• Ability to audit passwords on multiple domain accounts
• Ability to audit passwords on multiple groups
• Ability to audit passwords on multiple service accounts
• Ability to audit password strength
• Ability to audit password history
• Ability to audit password policies
• Ability to audit password expiration policies
• Ability to audit password complexity policies
• Ability to audit account lockout policies
• Ability to audit account disablement policies
• Ability to audit password reset policies
• Ability to audit password change policies
• Ability to audit password storage policies
• Ability to audit NTLM hashes
• Ability to audit Kerberos keys
• Ability to audit LM hashes
• Ability to audit cached domain credentials
• Ability to audit remote desktop credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to audit local user accounts
• Ability to audit domain user accounts
• Ability to audit local group accounts
• Ability to audit domain group accounts
• Ability to audit service accounts
• Ability to audit NTLM authentication
• Ability to audit Kerberos authentication
• Ability to audit LM authentication
• Ability to audit NTMLv2 authentication
• Ability to audit NTLMv2 authentication
• Ability to audit cached credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to audit account lockout policies
• Ability to audit password reset policies
• Ability to audit password change policies
• Ability to audit password storage policies
• Ability to audit NTLM hashes
• Ability to audit Kerberos keys
• Ability to audit LM hashes
• Ability to audit cached domain credentials
• Ability to audit remote desktop credentials
• Ability to audit cached logon credentials
• Ability to audit roaming user profiles
• Ability to generate HTML reports
• Ability to save cracked passwords to a text file
1. Operating System: Windows XP or later
2. Memory: 512 MB RAM
3. Hard Disk: 20 MB of free disk space
4. Processor: Pentium 3 or higher
5. .NET Framework: .NET Framework 4.0 or later
6. Software: An SSH client such as PuTTY or WinSCP

PROS
Efficient in retrieving Windows password hashes.
Works effectively even on locked accounts.
Requires minimal user input and experience.

CONS
Complex interface not user-friendly for non-tech savvy individuals.
Inconsistent performance can cause system errors and confusion.
Does not offer multi-platform support or compatibility.

Nathan
Wed, Jan 31, 2024

Fgdump is described as 'A powerful password dumping utility for Microsoft Windows 2000/XP/2003/Vista' and is a penetration testing tool in the network & admin category. Fgdump is a tool that is designed to assess the security of a system by demonstrating how Windows credentials can be retrieved. It emphasizes the importance of safeguarding against attacks and highlights the need to protect access codes. It should be noted that fgdump is a command line tool, without an interface and antivirus engines. It may sometimes give positives due to the nature of its procedures. The tool provides automation for dumps and allows you to configure various parameters such as thread count cache, dump skipping logging output details and attempts to disable antivirus tools. While it can be valuable for users evaluating machine security, fgdump may have limitations on newer Windows systems. Overall fgdump helps in testing system security by retrieving stored credentials in Windows with administrator level access. However its compatibility with versions of Windows and reliance on command line interface may make it less user friendly for those, with experience.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Leo K.
I have been using FGDump for a couple of years. Overall, it has proven to be a very reliable and easy-to-use password auditing tool. It is straightforward to use and I have found it to be very effective in recovering weak passwords from Windows systems. The user-friendly graphical interface makes it easy to learn the software quickly. It can be used to audit local and remote systems and even entire networks. The software provides comprehensive logging and reporting capabilities, helping to identify any weaknesses in system security. In addition, it is regularly updated, ensuring that the latest security threats are addressed.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Liam W********h
Fgdump is a great tool for quickly grabing password hashes and storing them securly, however I've had some issues with it crashing when running on large domains.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Cameron J*********e
This software is a command-line tool designed for password security auditing. It is used to extract password hashes from Windows operating systems. It can also be used to audit password strength and to crack passwords using dictionary or brute-force attacks. It supports multiple output formats and can be used in conjunction with other tools for further analysis.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Riley O********z
Fgdump is a powerful password cracking tool used for retrieving Windows passwords.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Evan
This tool is highly effective for extracting Windows password hashes.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Leon
Effective for password cracking, but outdated.
image/svg+xmlBotttsPablo Stanleyhttps://bottts.com/Florian Körner Max
Efficient, user-friendly password extraction.
Finlay
Woked great for network password recoevry!
iLok License Manager
The software programme is installed on the user's PC, and it communicates with the PACE database through our activation services.You may manage your iLok-enabled software licences and activation sites with the iLok License Manager programme.
SocksCap64
Makes programs use a specific SOCKS proxy server; Hides your IP address and activity.
Agent DVR

Agent DVR is a powerful surveillance and monitoring software that allows users to remotely manage and view multiple IP cameras and other security devices.

Certify The Web

Certify The Web is a certificate management and monitoring solution that automates the installation, renewal and revocation of SSL/TLS certificates.

Service Protector
Service Protector is a program that monitors and automatically restarts services, ensuring that they continue to run optimally, even when a system is rebooted or a service crashes.