MarkoH17 / Spray365View external linksLinks
Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
☆367Jun 24, 2025Updated 7 months ago
Alternatives and similar repositories for Spray365
Users that are interested in Spray365 are comparing it to the libraries listed below
Sorting:
- An Office365 User Attack Tool☆645Mar 19, 2024Updated last year
- User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin☆484Sep 24, 2025Updated 4 months ago
- Modular Enumeration and Password Spraying Framework☆129Apr 10, 2024Updated last year
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 3 months ago
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆153Feb 10, 2023Updated 3 years ago
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,254Mar 19, 2025Updated 10 months ago
- Enumerate information from NTLM authentication enabled web endpoints 🔎☆504Sep 23, 2025Updated 4 months ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆821Oct 27, 2023Updated 2 years ago
- Username enumeration and password spraying tool aimed at Microsoft O365.☆976Nov 6, 2024Updated last year
- Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!☆1,288Feb 5, 2026Updated last week
- A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…☆1,072Mar 19, 2024Updated last year
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,256Dec 9, 2025Updated 2 months ago
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 5 months ago
- Finding all things on-prem Microsoft for password spraying and enumeration.☆258May 17, 2022Updated 3 years ago
- AzureRT - A Powershell module implementing various Azure Red Team tactics☆235Jun 17, 2022Updated 3 years ago
- Maximizing BloodHound. Max is a good boy.☆531Apr 25, 2025Updated 9 months ago
- Azure JWT Token Manipulation Toolset☆711Dec 6, 2024Updated last year
- retrieve information via O365 and AzureAD with a valid cred☆730Aug 14, 2022Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆482Oct 14, 2022Updated 3 years ago
- Proof-of-concept obfuscation toolkit for C# post-exploitation tools☆430Jul 22, 2022Updated 3 years ago
- Azure Security Resources and Notes☆1,707Feb 2, 2026Updated last week
- Python3 o365 User Enumeration Tool☆562Jan 28, 2026Updated 2 weeks ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆482Jul 9, 2024Updated last year
- Pass the Hash to a named pipe for token Impersonation☆313Nov 29, 2023Updated 2 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆386Apr 16, 2022Updated 3 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆532Nov 19, 2024Updated last year
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆863Mar 20, 2023Updated 2 years ago
- A tool for checking if MFA is enabled on multiple Microsoft Services☆1,631Mar 4, 2025Updated 11 months ago
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,515Feb 5, 2026Updated last week
- Dump NTDS with golden certificates and UnPAC the hash☆646Mar 20, 2024Updated last year
- Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…☆1,049Nov 9, 2024Updated last year
- TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!☆1,298Jan 29, 2026Updated 2 weeks ago
- Framework for Kerberos relaying☆939May 29, 2022Updated 3 years ago
- onedrive user enumeration - pentest tool to enumerate valid o365 users☆742Jul 29, 2025Updated 6 months ago
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,048Jan 22, 2026Updated 3 weeks ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆372Sep 20, 2025Updated 4 months ago
- Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…☆503May 16, 2023Updated 2 years ago
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- ☆252Sep 28, 2023Updated 2 years ago