Password attacks and MFA validation against various endpoints in Azure and Office 365
☆153Feb 10, 2023Updated 3 years ago
Alternatives and similar repositories for msspray
Users that are interested in msspray are comparing it to the libraries listed below
Sorting:
- User enumeration with Microsoft Teams API☆175Jul 9, 2021Updated 4 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin☆484Sep 24, 2025Updated 5 months ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The…☆367Jun 24, 2025Updated 8 months ago
- Azure JWT Token Manipulation Toolset☆714Dec 6, 2024Updated last year
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆412Mar 21, 2025Updated 11 months ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆130Jan 14, 2023Updated 3 years ago
- ☆142May 4, 2022Updated 3 years ago
- ADCS abuser☆314Feb 6, 2023Updated 3 years ago
- ☆155Dec 14, 2023Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated last year
- Check for LDAP protections regarding the relay of NTLM authentication☆531Nov 19, 2024Updated last year
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,051Jan 22, 2026Updated last month
- Beacon Object File & C# project to check LDAP signing☆199Aug 7, 2024Updated last year
- Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual☆14Jul 13, 2022Updated 3 years ago
- NTLM relaying for Windows made easy☆580Apr 25, 2023Updated 2 years ago
- Maximizing BloodHound. Max is a good boy.☆531Apr 25, 2025Updated 10 months ago
- ☆246Dec 16, 2022Updated 3 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- Tool for interacting with outlook interop during red team engagements☆146Jun 29, 2021Updated 4 years ago
- Username enumeration and password spraying tool aimed at Microsoft O365.☆977Nov 6, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Beacon Object Files for roasting Active Directory☆235Feb 21, 2022Updated 4 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- Citrix Phishlet☆24Feb 2, 2021Updated 5 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Jun 24, 2022Updated 3 years ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 2 years ago
- ☆65Jan 2, 2024Updated 2 years ago