A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
☆95Jun 6, 2024Updated last year
Alternatives and similar repositories for MSOLSpray
Users that are interested in MSOLSpray are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…☆1,081Mar 19, 2024Updated 2 years ago
- Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…☆14Feb 23, 2022Updated 4 years ago
- Azure JWT Token Manipulation Toolset☆720Dec 6, 2024Updated last year
- Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.☆293May 2, 2024Updated last year
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆151Feb 10, 2023Updated 3 years ago
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆80Mar 30, 2023Updated 2 years ago
- Fast multithreaded multiplatform password spraying tool designed for easy use. Supports webhooks, jitter, delay, files, rotation, backend…☆41Sep 9, 2024Updated last year
- User enumeration with Microsoft Teams API☆175Jul 9, 2021Updated 4 years ago
- C# port of the Get-AppLockerPolicy PS cmdlet☆100Dec 8, 2022Updated 3 years ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆166Dec 7, 2024Updated last year
- Multi-thread AzureAD Autologon SSO Password Sprayer.☆37Oct 9, 2021Updated 4 years ago
- This extension replaces the default repeater tab name with the URL path of the repeater request.☆24Sep 3, 2021Updated 4 years ago
- Python3 tool to perform password spraying against Microsoft Online service using various methods☆87Mar 12, 2023Updated 3 years ago
- Wordlist generator☆16Aug 18, 2020Updated 5 years ago
- Quick and dirty dynamic redirect.rules generator☆170Oct 12, 2022Updated 3 years ago
- Office 365 and Exchange domain federation enumeration tool☆13Sep 6, 2023Updated 2 years ago
- Dump Azure AD Connect credentials for Azure AD and Active Directory☆785Aug 26, 2025Updated 6 months ago
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to …☆762Sep 23, 2024Updated last year
- onedrive user enumeration - pentest tool to enumerate valid o365 users☆745Jul 29, 2025Updated 7 months ago
- Reproducible and extensible BloodHound playbooks☆44Jan 20, 2020Updated 6 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- Bash script to take the powerkatz.dll files, encode them using base64 and then replace the old binaries with the new in the Invoke-Mimika…☆16Oct 8, 2016Updated 9 years ago
- Kerberos Resource-Based Constrained Delegation Attack from Outside using Impacket☆622Aug 15, 2025Updated 7 months ago
- TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!☆1,306Jan 29, 2026Updated last month
- Iterative AD discovery toolkit for offensive operations☆85Mar 16, 2020Updated 6 years ago
- ☆127Jun 19, 2020Updated 5 years ago
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆218Jan 30, 2026Updated last month
- scan for NTLM directories☆381Aug 13, 2025Updated 7 months ago
- Ansible role to install Cobalt Strike and optionally configure as Teamserver☆33Mar 17, 2021Updated 5 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated 2 years ago
- List web account manager (WAM) accounts added to the current profile☆24Dec 11, 2025Updated 3 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- LDAP library for auditing MS AD☆489Feb 11, 2026Updated last month
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 6 months ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆33Nov 12, 2022Updated 3 years ago
- Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient☆1,557Oct 17, 2022Updated 3 years ago
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago