TREVORspray v2.0 releases: featureful Python O365 sprayer

by do son · Published · Updated

TREVORspray

TREVORspray

A featureful Python O365 sprayer based on MSOLSpray which uses the Microsoft Graph API

Microsoft is getting better and better about blocking password spraying attacks against O365. TREVORspray can solve this by proxying its requests through an unlimited number of –ssh hosts. No weird dependencies or cumbersome setup required – all you need is a cloud VM with port 22 open.

Features

  • Tells you the status of each account: if it exists, is locked, has MFA enabled, etc.
  • Automatic cancel/resume (attempted user/pass combos are remembered in ./logs/tried_logins.txt)
  • Round-robin proxy through multiple IPs using only vanilla –ssh
  • Automatic infinite reconnect/retry if a proxy goes down (or if you lose internet)
  • Spoofs User-Agent and client_id to look like legitimate auth traffic
  • Logs everything to ./logs/trevorspray.log
  • Saves valid usernames to ./logs/valid_usernames.txt
  • Optional –delay between request to bypass M$ lockout countermeasures

Installation

$ git clone https://github.com/blacklanternsecurity/trevorspray

$ cd trevorspray

$ pip install -r requirements.txt

Use

Copyright (C) 2020 @thetechr0mancer

Source: https://github.com/blacklanternsecurity/

Tags: TREVORspray