There are 1 repository under password-spraying topic.
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Finding all things on-prem Microsoft for password spraying and enumeration.
Low and slow password spraying tool, designed to spray on an interval over a long period of time
A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.
Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Fast multithreaded multiplatform password spraying tool designed for easy use. Supports webhooks, jitter, delay, files, rotation, backend database
time-based user enum via Basic Auth in Azure against Autodiscover
TheSprayer is a cross-platform tool designed to help penetration testers spray passwords against an Active Directory domain without locking out accounts.
This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.
Mass Social Engineering tool and Email and Account Extraction (Random Brute Force Discovery) and Password Brute Force through Tor.
A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout Threshold and a Reset Account Lockout Counter.
Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerShell.
Offensive tool for guessing Active Directory credentials via Kerberos
Advanced FTP/SSH/HTTP Bruteforce tool.
A simple IMAP password sprayer
A powershell based tool for credential spraying in any AD env.
A script that perform a Pre-Auth with a Domain Controller with a given username and a list of hashes
Script to bruteforce websites using TextPattern CMS.
A generic DOM-based password sprayer
Python3 tool to perform password spraying on RapidIdentity Portal
Database brute force/password spraying tool
A tool written in Go to perform a few penetration testing techniques in the environment with Active Directory.
Password Spraying and Brute Forcing over HTTP(S)