MSOLSpray
Password sprayer
A tool for testing Microsoft Online accounts by spraying passwords and gathering account information.
A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
85 stars
3 watching
18 forks
Language: Python
last commit: 9 months ago
Linked from 1 awesome list
kyuu-ji/awesome-azure-pentestRelated projects:
| Repository | Description | Stars |
|---|---|---|
 dafthack/msolspray | A tool that simulates password login attempts to Azure accounts, logging relevant information such as account status and error codes. | 918 |
| dafthack/domainpasswordspray | A tool designed to automate password spraying attacks against domain users | 1,799 |
 ustayready/credking | A tool that automates password spraying using AWS Lambda across multiple regions and IP addresses. | 579 |
 outflanknl/spray-ad | Automates an Active Directory password spraying attack to identify weak or guessable passwords | 426 |
 hagrid29/bof-sprayad | A tool that uses Windows API to perform password spray attacks on domain accounts using either Kerberos or LDAP authentication. | 43 |
 d4vinci/elpscrk | A password generator tool based on user profiling and statistics | 793 |
 cboesecurity/password_pwncheck | A tool that checks password strength against breached lists and other rules to help maintain enterprise password policies. | 158 |
 0xzdh/o365spray | A tool designed to automate the process of identifying and authenticating users on Microsoft O365 platforms by enumerating usernames and spraying passwords. | 785 |
 marcwebbie/passpie | A command-line tool to manage and store login credentials securely using encryption. | 921 |
 iphelix/pack | A toolkit for analyzing and improving password cracking operations by identifying common patterns in leaked passwords. | 807 |
 nolze/msoffcrypto-tool | A tool and library for decrypting and encrypting MS Office files using passwords or other keys. | 559 |
 jumpseclabs/rook | Automates password cracking on AWS using GPU-based instances. | 82 |
 optiv/microsoft365_devicephish | A tool designed to demonstrate a vulnerability in Microsoft's OAuth Authorization Flow for phishing attacks | 94 |
 hashview/hashview | A web-based tool for managing and automating password cracking tasks with analytics capabilities. | 362 |
 travco/rephraser | A password cracking tool using Markov chains to generate linguistically plausible candidates | 62 |