MartinIngesen / MSOLSpray
A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
☆86Updated 8 months ago
Alternatives and similar repositories for MSOLSpray:
Users that are interested in MSOLSpray are comparing it to the libraries listed below
- Azure AD RedTeam Full Enumeration Script used to query all aspects of your target Azure tenant.☆69Updated 7 months ago
- Password Spraying Script detecting current and previous passwords of Active Directory User☆65Updated 3 years ago
- Python3 tool to perform password spraying against Microsoft Online service using various methods☆85Updated last year
- ☆12Updated 2 months ago
- Library of sites for categorization☆26Updated 6 years ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆41Updated 3 years ago
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆91Updated last year
- This script gets all accepted domains in Microsoft 365 using autodiscover, gets the tenant name and checks if there is a Microsoft Defend…☆21Updated 8 months ago
- Custom queries list for BloodHound☆23Updated 5 months ago
- ☆41Updated 4 years ago
- An ike-scan wrapper to simplify penetration testing IKE and encourage stronger IKE implementations.☆34Updated 8 months ago
- ☆54Updated last year
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆98Updated 7 months ago
- A collection of Neo4j/BloodHound queries to collect interesting information.☆45Updated 2 years ago
- Efflanrs - GUI for Snaffler Output☆24Updated 5 months ago
- ☆43Updated 2 weeks ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆87Updated last year
- Enumerate and check domains for Azure tenants☆46Updated 3 years ago
- BH Cypher Queries picked up from random places☆38Updated 6 years ago
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆39Updated last year
- PoC for CVE-2021-36934, which enables a standard user to be able to retrieve the SAM, Security, and Software Registry hives in Windows 10…☆34Updated 2 years ago
- Federated Office365 user enumeration based on correlated response trend analysis☆48Updated 2 years ago
- Fly into Gophish with One Click (Infra Automation)☆46Updated last year
- Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.☆36Updated 10 months ago
- ☆100Updated 2 years ago
- This repo will contain some basic pentest/RT commands.☆37Updated 2 years ago
- Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information☆73Updated 2 years ago
- Red Teaming & Active Directory Cheat Sheet.☆39Updated last year
- A tool to assist in the development of landing pages for phishing campaigns☆15Updated 2 years ago
- User enumeration and password spraying tool for testing Azure AD☆69Updated 2 years ago