Add dafthack/MSOLSpray to Credential Access section

2025-01-05 13:00:49 -05:00 · 2021-02-05 14:25:06 +07:00 · 2021-02-05 14:25:06 +07:00 · 71793800dd
commit 71793800dd
parent 1c2bf2e98a
1 changed files with 4 additions and 0 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -738,6 +738,10 @@ Some tools can be categorized in more than one category. But because the current
        <td><a href="https://github.com/byt3bl33d3r/SprayingToolkit">byt3bl33d3r/SprayingToolkit</a></td>
        <td>Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/dafthack/MSOLSpray">dafthack/MSOLSpray</a></td>
+        <td>A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/DanMcInerney/icebreaker">DanMcInerney/icebreaker</a></td>
        <td>Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment