Here is a Password Auditor - Discover weak credentials sample report:
The tool scans a range of IP addresses for network services that require authentication (ex. HTTP web forms, SSH, FTP, MYSQL, etc) and detects weak credentials by trying to login using a set of common usernames and passwords
The tool can be used to easily check if any common username/password was used in any network service. This could be an easy entry point into the network.
As a system administrator, you want to check if any of your users have set weak passwords on the services exposed to the internet. This verification should be done periodically.
When auditing the configuration settings of a network infrastructure, it is always needed to check the usage of default passwords (ex. cisco/cisco, admin/admin, etc).
|Target||This is the hostname, IP or IP range to scan|
|Services||Choose which services you want to audit (WWW, SSH, FTP, etc)|
|Credentials||Specify custom credentials to use when doing authentication attempts|
|Parallel requests||Set the number of parallel authentication attempts against a target host|
|Delay between attempts||Specify a delay (in seconds) between consecutive authentication attempts|
|Retries per credential||How many times we should retry a combination of username/password in case it has timedout or returned an error|
|Mutate passwords||Apply password mutation techniques to the input passwords (ex. first letter uppercase, add various suffixes)|