Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Finding all things on-prem Microsoft for password spraying and enumeration.

Low and slow password spraying tool, designed to spray on an interval over a long period of time

A script to test credentials against Active Directory Federation Services (ADFS), allowing password spraying or bruteforce attacks.

Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Fast website scraper and wordlist generator

Fast multithreaded multiplatform password spraying tool designed for easy use. Supports webhooks, jitter, delay, files, rotation, backend database

TheSprayer is a cross-platform tool designed to help penetration testers spray passwords against an Active Directory domain without locking out accounts.

This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.

Mass Social Engineering tool and Email and Account Extraction (Random Brute Force Discovery) and Password Brute Force through Tor.

A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout Threshold and a Reset Account Lockout Counter.

Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerShell.

Offensive tool for guessing Active Directory credentials via Kerberos

Advanced FTP/SSH/HTTP Bruteforce tool.

A DOM-based G-Suite Password Sprayer

A simple IMAP password sprayer

A script that perform a Pre-Auth with a Domain Controller with a given username and a list of hashes

A powershell based tool for credential spraying in any AD env.

Password Spraying and Brute Forcing over Kerberos