Thursday, June 25, 2009

Penetration Test Tip: Add already guessed or cracked passwords to wordlist

When doing a penetration test, password attacks, while they lack the "sex appeal" of using the latest exploits in Metasploit to 0wn a b0x3r, are still disturbingly effective. Additionally, those same passwords are likely to be used on other machines, whether as initial passwords for new/unused accounts or because the same individual uses the same password on different systems.

Either way, once you guess a password (using enum.exe or the like) or crack a password from an encrypted hash (using John the Ripper or the like), add that password to the beginning of the master wordlist or dictionary list that you will use for the remainder of the penetration test, so that password is checked earlier rather than later.
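
One way to do the prepend described above, as an added example that is not from the original post (the function name prepend_found and the file names are assumptions). It reads the recovered passwords first and keeps only the first occurrence of each line, so a password that was already buried in the list moves to the top instead of being tried twice.

```bash
#!/usr/bin/env bash
# Added example, not from the original post.
# prepend_found FOUND_FILE WORDLIST
#   FOUND_FILE: recovered passwords, one per line (hypothetical name)
#   WORDLIST:   master wordlist for the engagement, rewritten in place
prepend_found() {
    local found wordlist tmp
    found=$1
    wordlist=$2

    [ -r "$found" ] && [ -w "$wordlist" ] || return 1
    # Nothing recovered yet: leave the wordlist untouched.
    [ -s "$found" ] || return 0

    # mktemp creates the file with mode 0600. The merged list now holds
    # real credentials from the target, so that tight mode is intended.
    tmp=$(mktemp "${wordlist}.XXXXXX") || return 1

    # awk reads FOUND_FILE first, then WORDLIST:
    #  - strip a trailing CR (output copied from Windows tools)
    #  - skip blank lines in FOUND_FILE only (FNR == NR is true only
    #    while the first file is being read)
    #  - print a line only the first time it is seen, preserving order
    # Passing two file arguments (rather than piping cat) also keeps a
    # FOUND_FILE without a final newline from fusing its last entry
    # with the first wordlist entry.
    awk '
        { sub(/\r$/, "") }
        FNR == NR && !length($0) { next }
        !seen[$0]++
    ' "$found" "$wordlist" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Replace the wordlist in one step so an interrupted run cannot
    # leave a half-written list behind.
    mv "$tmp" "$wordlist"
}
```

Run it each time a new password is guessed or cracked, before starting the next password attack.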

Want to learn more? Check out:
SANS Security 560: Network Penetration Testing and Ethical Hacking

or

SANS Security 504: Hacker Techniques, Exploits and Incident Handling

-R
