Password attacks and MFA validation against various endpoints in Azure and Office 365
☆151Feb 10, 2023Updated 3 years ago
Alternatives and similar repositories for msspray
Users that are interested in msspray are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- User enumeration with Microsoft Teams API☆175Jul 9, 2021Updated 4 years ago
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The…☆375Jun 24, 2025Updated 10 months ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆118Sep 30, 2024Updated last year
- Azure JWT Token Manipulation Toolset☆730Dec 6, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin☆490Sep 24, 2025Updated 7 months ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- ☆246Dec 16, 2022Updated 3 years ago
- Beacon Object File & C# project to check LDAP signing☆201Aug 7, 2024Updated last year
- Citrix Phishlet☆24Feb 2, 2021Updated 5 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆163Mar 1, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆487Oct 14, 2022Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆189Jun 22, 2022Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆131Jan 14, 2023Updated 3 years ago
- Beacon Object Files for roasting Active Directory☆238Feb 21, 2022Updated 4 years ago
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,082Apr 29, 2026Updated 2 weeks ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆158Jul 22, 2021Updated 4 years ago
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- Implant drop-in for EDR testing☆148Nov 15, 2023Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆262May 10, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- NTLM relaying for Windows made easy☆582Apr 25, 2023Updated 3 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆422Mar 21, 2025Updated last year
- ADCS abuser☆321Feb 6, 2023Updated 3 years ago
- ☆143May 4, 2022Updated 4 years ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆178Nov 26, 2021Updated 4 years ago
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 6 years ago
- Check for LDAP protections regarding the relay of NTLM authentication☆532Nov 19, 2024Updated last year
- ☆159Dec 14, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Maximizing BloodHound. Max is a good boy.☆534Apr 25, 2025Updated last year
- Beacon Object File (BOF) for remote process injection via thread hijacking☆222Jan 13, 2021Updated 5 years ago
- An Office365 User Attack Tool☆652Mar 19, 2024Updated 2 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Tool for interacting with outlook interop during red team engagements☆147Jun 29, 2021Updated 4 years ago
- Username enumeration and password spraying tool aimed at Microsoft O365.☆1,004Nov 6, 2024Updated last year
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago