How can I test passwords against a dictionary / word list, where the entries have been fuzzed to some degree?
By "fuzzed", I mean variants of words with "l33t" conversions and other character conversions are included in the check.
Ideally, I would like to pass in a password value, have the utility check the password, and return a yes/no value.
Best Answer
John the Ripper has modes which can be used to test password strength against a fuzzed list. It supports creating your own fuzzing rules, and uses whatever dictionaries you provide. It comes by default with a large set of common fuzzing rules installed, including 1337 transformation, word flipping, doubling, uppercasing, simple number/symbol appending, etc.