Giters

whoamins / AutoSprayWithCME

Automate your domain password spraying

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

active-directorybruteforcecybersecuritypasswordsprayingpentest

AutoSprayWithCME

This script automates and performs a secure password spraying using CrackMapExec on all domain users who have attempts to enter the password incorrectly

WARNING: The script may contain a bug that will ban accounts. The script hasn't yet passed the full debugging cycle.

Get users for password spraying

Is user available for password spraying?

if user_badpwdtime < (Account Lockout Threshold * 0.4) -> True

Using

To use it, you need to install CrackMapExec

sudo apt-get install crackmapexec

./spray.sh 10.10.10.10 John.Doe P@ssw0rd

TODO

Some notes on what I want to add in the future

  • Determine what is using on password policy, minutes or hours.
  • Less verbose output
  • Spray without domain account using username wordlist

About

Automate your domain password spraying

active-directorybruteforcecybersecuritypasswordsprayingpentest

Languages

Language:Shell 100.0%