Add: treebuilder/aad-sso-enum-brute-spray to Credential Access section

2024-06-25 05:02:13 +00:00 · 2021-10-01 10:02:57 +07:00 · 2021-10-01 10:02:57 +07:00 · b9df1e41d6
commit b9df1e41d6
parent 491fcfe75f
1 changed files with 5 additions and 2 deletions
--- a/Offensive.md
+++ b/Offensive.md
@ -1745,13 +1745,16 @@ Some tools can be categorized in more than one category. But because the current
    </tr>
    <tr>
        <td><a href="https://github.com/SnaffCon/Snaffler">SnaffCon/Snaffler</a></td>
-        <td>Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible) in
-            a bunch of horrible boring haystacks (a massive Windows/AD environment).</td>
+        <td>Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment).</td>
    </tr>
    <tr>
        <td><a href="https://github.com/swisskyrepo/SharpLAPS">swisskyrepo/SharpLAPS</a></td>
        <td>Retrieve LAPS password from LDAP</td>
    </tr>
+    <tr>
+        <td><a href="https://github.com/treebuilder/aad-sso-enum-brute-spray">treebuilder/aad-sso-enum-brute-spray</a></td>
+        <td>POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln</td>
+    </tr>
    <tr>
        <td><a href="https://github.com/uknowsec/SharpDecryptPwd">uknowsec/SharpDecryptPwd</a></td>
        <td>对密码已保存在 Windwos 系统上的部分程序进行解析,包括：Navicat,TeamViewer,FileZilla,WinSCP,Xmangager系列产品（Xshell,Xftp)。</td>