GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → nyxgeek → AzureAD_Autologon_Brute

nyxgeek / AzureAD_Autologon_Brute

Licence: other
Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Programming Languages

python
139335 projects - #7 most used programming language

Labels

azurepasswordbruteforceenumerationpentestuser-enumerationazureadpassword-spraying

Projects that are alternatives of or similar to AzureAD Autologon Brute

ComPP
Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.
Stars: ✭ 44 (-51.11%)
Mutual labels:  password, bruteforce, pentest
Dictionary Of Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+446.67%)
Mutual labels:  password, bruteforce, pentest
uberscan
Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-65.56%)
Mutual labels:  password, bruteforce, pentest
weakpass generator
generates weak passwords based on current date
Stars: ✭ 36 (-60%)
Mutual labels:  password, bruteforce, pentest
Hackers Tool Kit
Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (+134.44%)
Mutual labels:  password, bruteforce, pentest
Dirstalk
Modern alternative to dirbuster/dirb
Stars: ✭ 210 (+133.33%)
Mutual labels:  bruteforce, enumeration, pentest
SuperHackerTool5000
A tool that will hack literally anything on the planet. If you get your hands on this tool, be ready to get put behind bars.
Stars: ✭ 31 (-65.56%)
Mutual labels:  password, bruteforce
oneshellcrack
a very very fast brute force webshell password tool
Stars: ✭ 42 (-53.33%)
Mutual labels:  password, bruteforce
K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
Stars: ✭ 4,173 (+4536.67%)
Mutual labels:  password, pentest
K8cscan
K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
Stars: ✭ 693 (+670%)
Mutual labels:  password, pentest
Bruteforce Database
Bruteforce database
Stars: ✭ 806 (+795.56%)
Mutual labels:  password, bruteforce
Dllpasswordfilterimplant
DLL Password Filter Implant with Exfiltration Capabilities
Stars: ✭ 107 (+18.89%)
Mutual labels:  password, pentest
password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+93.33%)
Mutual labels:  password, bruteforce
Xbruteforcer
X Brute Forcer Tool 🔓 WordPress , Joomla , DruPal , OpenCart , Magento
Stars: ✭ 261 (+190%)
Mutual labels:  password, bruteforce
Zydra
Stars: ✭ 178 (+97.78%)
Mutual labels:  password, bruteforce
Ladon
大型内网渗透扫描器&Cobalt Strike,Ladon8.9内置120个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
Stars: ✭ 2,911 (+3134.44%)
Mutual labels:  password, pentest
Bruteforce Http Auth
Bruteforce HTTP Authentication
Stars: ✭ 107 (+18.89%)
Mutual labels:  bruteforce, pentest
Dirsearch
A Go implementation of dirsearch.
Stars: ✭ 164 (+82.22%)
Mutual labels:  bruteforce, enumeration
Wavecrack
Wavestone's web interface for password cracking with hashcat
Stars: ✭ 135 (+50%)
Mutual labels:  password, pentest
Oblivion
Data leak checker & OSINT Tool
Stars: ✭ 237 (+163.33%)
Mutual labels:  password, pentest
View All Similar Projects ➔

AzureAD_Autologon_Brute

Brute force attack tool for Azure AD Autologon

https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/

Usage:
python3 azuread_autologon_brute.py -d intranet.directory -U users.txt -p Password1

[~/AzureAD_Autologon_Brute] # python3 azuread_autologon_brute.py -d intranet.directory -U users.txt -p Password1
Domain is  intranet.directory
Setting password as: Password1
Reading users from file: users.txt

+-----------------------------------------+
|          AzureAD AutoLogon Brute          |
|     2021.09.30 @nyxgeek - TrustedSec      |
+-----------------------------------------+

[-] Username not found:[email protected]:Password1
[+] VALID USERNAME, invalid password :[email protected]:Password1
[-] Username not found:[email protected]:Password1
[-] Username not found:[email protected]:Password1
[-] Username not found:[email protected]:Password1
[-] Username not found:[email protected]:Password1
[+] VALID USERNAME, invalid password :[email protected]:Password1
[-] Username not found:[email protected]:Password1
[+] VALID USERNAME, invalid password :[email protected]:Password1
[-] Username not found:[email protected]:Password1
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].