DomainPasswordSpray vs Ruler
GitHub Stats
About DomainPasswordSpray
DomainPasswordSpray is a PowerShell tool that performs password spray attacks against Active Directory domain user accounts. Unlike credential stuffing which tries many passwords against one account, password spraying tries one password against all accounts to avoid lockout policies. The tool automatically enumerates domain users, respects account lockout thresholds and observation windows, and can target specific organizational units or groups. It outputs successful credentials and supports custom password lists. Lockout-aware design makes it safer than manual spraying approaches.
About Ruler
Ruler is a tool for interacting with Exchange servers through the MAPI/HTTP or RPC/HTTP protocol. It exploits legitimate Exchange and Outlook features (mail rules, forms, and home pages) to achieve remote code execution on target workstations. When a user opens Outlook, malicious rules trigger command execution, or injected forms/home pages render attacker-controlled content with script execution. Ruler can also enumerate valid credentials via brute-force, perform autodiscover probing, and extract the Global Address List. It demonstrates how Exchange features become attack vectors in enterprise environments.
Platform Support
Tags
DomainPasswordSpray only
Ruler only