SecurityRiskAdvisors/msspray SecurityRiskAdvisors/msspray

  • This repository has been archived on 26/Dec/2023
  • Stars
    star
    142
  • Rank 258,435 (Top 6 %)
  • Language
    Python
  • License
    MIT License
  • Created about 4 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
SecurityRiskAdvisors/msspray
github

SecurityRiskAdvisors

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Password attacks and MFA validation against various endpoints in Azure and Office 365

Note: This repository is no longer being developed

msspray.py

MSSpray is used to conduct password spray attacks against Azure AD as well as validate the implementation of MFA on Azure and Office 365 endpoints

  ------------------------------------------------------------
 |    ;---<<<<,______________________________________________ |
 |   _|_     /        /  ____/  ____/  __ /  __ / __  /  /  / |
 |  /   \   /  /  /  /____  /____  /  ___/   __/     / \   /  |
 |  |   |  /__/__/__/______/______/__/  /__/\_\__/__/  /__/   |
 |  |___|                                                     |
  ------------------------------------------------------------

Usage

Perform a password spray against the selected endpoint with the supplied userfile (one email address per line) and password and the option to stop on success (stop):

python3 msspray.py spray <userfile> <password> <endpoint_selection> <stop/blank>

Check each endpoint for authentication with a valid username and password:

python3 msspray.py validate <username> <password>

Endpoints (Default is 1)

Number Endpoint Endpoint URL
[1] aad_graph_api https://graph.windows.net
[2] ms_graph_api https://graph.microsoft.com
[3] azure_mgmt_api https://management.azure.com
[4] windows_net_mgmt_api https://management.core.windows.net
[5] cloudwebappproxy https://proxy.cloudwebappproxy.net/registerapp
[6] officeapps https://officeapps.live.com
[7] outlook https://outlook.office365.com
[8] webshellsuite https://webshell.suite.office.com
[9] sara https://api.diagnostics.office.com
[10] office_mgmt https://manage.office.com
[11] msmamservice https://msmamservice.api.application
[12] spacesapi https://api.spaces.skype.com
[13] datacatalog https://datacatalog.azure.com
[14] database https://database.windows.net
[15] AzureKeyVault https://vault.azure.net
[16] onenote https://onenote.com
[17] o365_yammer https://api.yammer.com
[18] skype4business https://api.skypeforbusiness.com
[19] o365_exchange https://outlook-sdf.office.com

Examples

spray against https://graph.windows.net, stopping on first successful login

python3 msspray.py spray users.txt Spring2020 1 stop

spray against https://management.core.windows.net

python3 msspray.py spray users.txt Spring2020 4

check all endpoints using valid account

python3 msspray.py validate [email protected] ReallyBadPass

Blog Post: https://sra.io/blog/msspray-wait-how-many-endpoints-dont-have-mfa/

For any questions, feel free to reach out to me on Twitter @__TexasRanger

More Repositories

1

VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
1,329
star
2

cmd.jsp

A super small jsp webshell with file upload capabilities.
Java
281
star
3

RedTeamSIEM

Repository of resources for configuring a Red Team SIEM using Elastic
Shell
97
star
4

TALR

Threat Alert Logic Repository
Shell
89
star
5

PDBlaster

Python
48
star
6

letItGo

Enumerate and check domains for Azure tenants
Go
43
star
7

indexes

Test case indexes
35
star
8

dredd

Automated detection rule analysis utility
Python
29
star
9

ATTiRe

Attack Tool Timing and Reporting - Structured Attack Logging Format
20
star
10

logstash-input-okta_system_log

Create Logstash events from the Okta API!
Ruby
19
star
11

Burp-Load-Balancer-Cookie-Scanner

Burp extension to find and decode BigIP and Netscaler cookies
Java
15
star
12

sra-taxii2-server

TAXII 2.0 Server implemented in Node JS with MongoDB backend
JavaScript
11
star
13

mitreevalsdb

MITRE Evaluations Database
HTML
9
star
14

logstash-input-okta_enterprise

Ruby
8
star
15

Struts-Checker

Proof of concept Apache Struts/JAR identification and versioning tool for *nix platforms.
Shell
8
star
16

SHADOWSTAR

Internet registry shadowing service
Python
8
star
17

invoke-atomic-attire-logger

ATTiRe logging for Invoke-Atomicredteam
PowerShell
8
star
18

vectr-tools

Sample tools for use with VECTR
Python
6
star
19

wireguard_remote_access

A python(3) script for managing a remote access Wireguard VPN server
Python
6
star
20

covid19-payloads

Phishing payloads for simulating itw COVID-19 related attacks and CTI export for tracking with VECTR
VBA
5
star
21

DMA-offsets

Python
5
star
22

dnstwist-monitor

Monitor client domains for typosquatting attacks using dnstwist + AWS
Python
5
star
23

lifesciences-index

Life Sciences Threat Index
4
star
24

timberlake

AWS attack automation utility
Python
4
star
25

llmnr-sphinx

Ask questions of your network to find a rogue LLMNR server.
Python
3
star
26

sra-stix2-validator

stix2 schema validation for Node JS
JavaScript
3
star
27

marketmaker

Python
3
star
28

repoharvester

Harvest email addresses from commit entries from Github -- faster
Go
2
star
29

azure-security-tools

A collection of tools for azure security
2
star
30

sra-taxii2-server-model

Mongoose model for SRA Taxii 2.0 ecosystem. Shared data model and access across services for ease of maintenance.
JavaScript
1
star
31

sra-taxii2-manager-server

TAXII2 server manager for sra-taxii2-server, provides initial auth management and CRUD operations for TAXII2 server pieces
JavaScript
1
star
32

GetInTheBox

HCL
1
star
33

logstash-input-box_enterprise

A plugin to pull enterprise events from box.com.
Ruby
1
star
34

pdcd

Tool that orchestrates executing Docker containers to build payloads
Python
1
star
35

vectr-sql-migration

A tool to migrate VECTR data from 8.x to 9.x
1
star