BOF-SprayAD
Password sprayer
A tool that uses Windows API to perform password spray attacks on domain accounts using either Kerberos or LDAP authentication.
Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray
43 stars
1 watching
1 forks
Language: C
last commit: almost 2 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 dafthack/msolspray | A tool that simulates password login attempts to Azure accounts, logging relevant information such as account status and error codes. | 918 |
 outflanknl/spray-ad | Automates an Active Directory password spraying attack to identify weak or guessable passwords | 426 |
| dafthack/domainpasswordspray | A tool designed to automate password spraying attacks against domain users | 1,799 |
 martiningesen/msolspray | A tool for testing Microsoft Online accounts by spraying passwords and gathering account information. | 85 |
 ustayready/credking | A tool that automates password spraying using AWS Lambda across multiple regions and IP addresses. | 579 |
| hagrid29/bof-credui | A C-based tool for invoking Windows credential prompt using the CredUIPromptForWindowsCredentials API | 18 |
 octoberfest7/killdefender_bof | A tool that allows an attacker to elevate privileges and gain control over the Windows Defender service | 62 |
 netero1010/rdphijack-bof | A tool for hijacking remote RDP sessions using the WinStationConnect API | 297 |
 cube0x0/bofroast | Toolset for extracting and exploiting Kerberos authentication data from Active Directory domains | 220 |
 boku7/halosgate-ps | A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. | 95 |
 airbus-cert/invoke-bof | Loads and executes a malicious payload in a Windows system using PowerShell. | 245 |
 cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables | 145 |
 cboesecurity/password_pwncheck | A tool that checks password strength against breached lists and other rules to help maintain enterprise password policies. | 158 |
| netero1010/quser-bof | A proof-of-concept implementation of a Windows API-based backdoor using the quser.exe utility | 83 |
 0x3rhy/adduser-bof | A Cobalt Strike BOF that exploits a vulnerability to add an admin user | 70 |