ENNAENNA

DomainPasswordSpray

MIT

馃敟 Offensive OpsPowerShell

DomainPasswordSpray is a PowerShell tool that performs password spray attacks against Active Directory domain user accounts. Unlike credential stuffing which tries many passwords against one account, password spraying tries one password against all accounts to avoid lockout policies. The tool automatically enumerates domain users, respects account lockout thresholds and observation windows, and can target specific organizational units or groups. It outputs successful credentials and supports custom password lists. Lockout-aware design makes it safer than manual spraying approaches.

2.0kstars
414forks
23issues
Updated 1y ago
+I use this
View on GitHub

Installation

$ git clone https://github.com/dafthack/DomainPasswordSpray.git

Use Cases

  • Password spraying against AD accounts without triggering lockouts
  • Initial access via weak domain passwords
  • Testing password policy enforcement
  • Targeted spraying against specific OUs or groups

Tags

password-sprayactive-directorycredential-attackpowershelllockout-aware

Details

Category
馃敟 Offensive Ops
Language
PowerShell
License
MIT
Platforms
馃獰windows

Links

GitHub Repository

github.com/dafthack/DomainPasswordSpray

Releases

github.com/dafthack/DomainPasswordSpray/releases

Issues

github.com/dafthack/DomainPasswordSpray/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Used in 1 Workflow

馃攽

Active Directory Password Audit

Advanced7 steps 路 4-8 hours

Community Reviews

Alternatives & Comparisons

THC Hydra

C

Fast online password brute-forcer. Supports 50+ protocols including SSH, FTP, HTTP, SMB, MySQL.

Compare DomainPasswordSpray vs THC Hydra

CrackMapExec

Python

Swiss army knife for pentesting Active Directory. SMB, LDAP, MSSQL, WinRM enumeration and exploitation.

Compare DomainPasswordSpray vs CrackMapExec

Kerbrute

Go

Tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos pre-authentication.

Compare DomainPasswordSpray vs Kerbrute

MailSniper

PowerShell

PowerShell tool for searching through Exchange and Office 365 email for sensitive data, credentials, and insider threat indicators.

Compare DomainPasswordSpray vs MailSniper

More in Offensive Ops

Mythic

Go

Collaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.

c2red-teammulti-operator

Havoc

C/C++

Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.

c2red-teamgui

Rubeus

C#

C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.

kerberosactive-directoryroasting

Certipy

Python

Active Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.

active-directorycertificatesadcs

Coercer

Python

Automatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.

authentication-coercionntlm-relaypetitpotam

SharpHound

C#

Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.

active-directoryenumerationbloodhound