MartinIngesen / MSOLSpray
A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
☆82Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for MSOLSpray
- Python3 tool to perform password spraying against Microsoft Online service using various methods☆84Updated last year
- Enumerate and check domains for Azure tenants☆44Updated 2 years ago
- Azure AD RedTeam Full Enumeration Script used to query all aspects of your target Azure tenant.☆68Updated 4 months ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆41Updated 3 years ago
- This script gets all accepted domains in Microsoft 365 using autodiscover, gets the tenant name and checks if there is a Microsoft Defend…☆21Updated 5 months ago
- Password Spraying Script detecting current and previous passwords of Active Directory User☆63Updated 3 years ago
- ☆51Updated last year
- Library of sites for categorization☆26Updated 5 years ago
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆82Updated last year
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆85Updated last year
- Modular Enumeration and Password Spraying Framework☆109Updated 7 months ago
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆98Updated 4 months ago
- A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…☆31Updated last year
- This script is a multi-threaded Okta password sprayer.☆69Updated 10 months ago
- ☆9Updated 2 weeks ago
- ☆98Updated 2 years ago
- Material for the "Hands-On BloodHound" Workshop☆106Updated 3 years ago
- Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information☆72Updated 2 years ago
- Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved…☆62Updated 3 years ago
- A collection of Neo4j/BloodHound queries to collect interesting information.☆45Updated 2 years ago
- A tool to assist in the development of landing pages for phishing campaigns☆15Updated 2 years ago
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆38Updated last year
- Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.☆36Updated 7 months ago
- blame Huy☆42Updated 3 years ago
- Red Team "Drop and Run" NAC (802.1x) Bypass☆69Updated last year
- ☆35Updated 3 years ago
- ☆20Updated 9 months ago
- An ike-scan wrapper to simplify penetration testing IKE and encourage stronger IKE implementations.☆34Updated 5 months ago
- User enumeration and password spraying tool for testing Azure AD☆68Updated 2 years ago
- Ansible playbooks for instrumenting a Red Team environment with RedElk☆47Updated 4 years ago