O365Spray – Username Enumeration And Password Spraying Tool Aimed At Microsoft O365

For educational, authorized and/or research purposes only. o365spray a username enumeration and password spraying tool aimed at Microsoft Office 365 (O365). This tool reimplements a collection of enumeration and spray techniques researched and identified by those mentioned in Acknowledgments. WARNING: The oAuth2 module for user enumeration is performed by submitting a single authentication attempt perRead More

ZipExec – A Unique Technique To Execute Binaries From A Password Protected Zip

ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded into a string that is rebuilt on disk. This encoded string is then loaded into a JScript file that when executed, would rebuild the password-protected zip file on disk and execute it. ThisRead More

Cracken – A Fast Password Wordlist Generator, Smartlist Creation And Password Hybrid-Mask Analysis Tool

Cracken is a fast password wordlist generator, Smartlist creation and password hybrid-mask analysis tool written in pure safe Rust (more on talk/). Inspired by great tools like maskprocessor, hashcat, Crunch and 珞 HuggingFace’s tokenizers. What? Why? Woot?? At DeepSec2021 we presented a new method for analysing passwords as Hybrid-Masks exploiting common substrings in passwords byRead More

goEnumBruteSpray – User Enumeration And Password Bruteforce On Azure, ADFS, OWA, O365 And Gather Emails On Linkedin

The recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can be retrieved to avoid account lockout, to know that the password is good but expired, MFA enabled,… Linkedin This module should be used to retrieve a list of email addresses before validating them through a user enumeration module.Read More

Keeweb – Free Cross-Platform Password Manager Compatible With KeePass

This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn’t require any server or additional resources. The app can run either in browser, or as a desktop app. Quick Links Apps: Web, Desktop Timeline: Release Notes, TODO On one page: Features, FAQ Website: keeweb.info Twitter: kee_web Donate: OpenCollective, GitHub StatusRead More

BruteLoops – Protocol Agnostic Online Password Guessing API

A dead simple library providing the foundational logic for efficient password brute force attacks against authentication interfaces. See various Wiki sections for more information. A “modular” example is included with the library that demonstrates how to use this package. It’s fully functional and provides multiple brute force modules. Below is a sample of its capabilities:Read More

SharpSpray – Active Directory Password Spraying Tool. Auto Fetches User List And Avoids Potential Lockouts

SharpSpray is a Windows domain password spraying tool written in .NET C#. Introduction SharpSpray is a C# port of DomainPasswordSpray with enhanced and extra capabilities. This tool uses LDAP Protocol to communicate with the Domain active directory services. Features Can operate from inside and outside a domain context. Exclude domain disabled accounts from the spraying.Read More

AES256_Passwd_Store – Secure Open-Source Password Manager

This script securely encrypts or decrypts passwords on disk within a custom database file. It also features functionality to retrieve passwords from a previously generated database file. This script takes a master password from stdin/from memory, then hashes the password using the specified hashing algorithm passed to the algorithm parameter/-a (scrypt, sha256) and finally AES-256Read More

SharpLAPS – Retrieve LAPS Password From LDAP

The attribute ms-mcs-AdmPwd stores the clear-text LAPS password. This executable is made to be executed within Cobalt Strike session using execute-assembly. It will retrieve the LAPS password from the Active Directory. Require (either): Account with ExtendedRight or Generic All Rights Domain Admin privilege Usage LDAP host to target, most likely the DC Optional /user:<username> UsernameRead More

X