(Go) Hash Counter, If you're dumping NTDS.dit hashes and you want to see what are worth focusing on the most (time pressure) this will list the duplicates with the top 40 offenders in highest volume - go run hashhosh.go it will need hashes.txt in the same folder

gistfile1.txt

package main

import (
"bufio"
"fmt"
"os"
"sort"
)

func main() {
// Read in file
file, err := os.Open("hashes.txt")
if err != nil {
fmt.Println("Error reading file:", err)
return
}
defer file.Close()

// Create map to store strings/hashes and their frequency
counts := make(map[string]int)

// Read in file line by line and add hash to map
scanner := bufio.NewScanner(file)
for scanner.Scan() {
	line := scanner.Text()
	counts[line]++
}

// Create slice to store duplicate hashes
duplicates := []string{}

// Add hash with frequency greater than 1 to duplicates slice
for key, value := range counts {
	if value > 1 {
		duplicates = append(duplicates, key)
	}
}

// Sort duplicates slice in descending order
sort.Slice(duplicates, func(i, j int) bool {
	return counts[duplicates[i]] > counts[duplicates[j]]
})

// Print out duplicates and their frequency
fmt.Println("Duplicate Hashes:")
for _, str := range duplicates {
	fmt.Printf("%s: %d\n", str, counts[str])
}

// Print out general statistics
fmt.Println("\nGeneral statistics:")
fmt.Printf("Total Hashes: %d\n", len(counts))
fmt.Printf("Unique Hashes: %d\n", len(counts)-len(duplicates))
fmt.Printf("Duplicate Hashes: %d\n", len(duplicates))

// Print out top 40 highest duplicates
fmt.Println("\nTop 40 highest duplicates:")
for i := 0; i < 40; i++ {
	if i > len(duplicates)-1 {
		break
	}
	fmt.Printf("%s: %d\n", duplicates[i], counts[duplicates[i]])
}

// Print out comment about top 40 highest duplicates needing attention
fmt.Println("\nThese top 40 highest duplicates may need the most attention as they are the most commonly occurring. Altho not uncommon for the highest duplicate to be disabled accounts")


}