DomainPasswordSpray
DomainPasswordSpray copied to clipboard
dafthack
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFU...
Checking for Empty passwords was not possible so far via DomainpasswordSpray. To change this I added a new parameter `-EmptyPassword` which also checks for accounts **without any password set** at...
When trying to run the script from a non domain joined machine while specifying the domain name the following error is displayed: "Could not connect to the domain. Try specifying...
Update - If you don't need it, you can just delete or comment out the function timer and the script works fine. After a recent update the script fails with...
As a note here, I didn't set a -Delay value, because it previously defaulted to 30 minutes, which was acceptable. It looks like that default is still there, if I'm...
I was on an engagement were I couldn't poll for the observation window, but I knew their account lockout policy. So, this is a parameter that you can pass to...
https://github.com/dafthack/DomainPasswordSpray/blob/45d2524c0b2ca591f86649a7e90302440c3a4fd9/DomainPasswordSpray.ps1#L451 This causes users that have badPwdCount = $null to be excluded from the password spray. Is there a reason for this or just a mistake? Value could for example...
Potential fix for https://github.com/dafthack/DomainPasswordSpray/issues/21
For an unknown reason, on Windows 10 Version 10.0.18363 with PowerShell 5.1, the current code fails to properly detect lockout Windows and reports errors about NullArray and ConvertLargeIntegerToInt64 This rewrites...
