Page cover

M365 (Microsoft Office 365) Pentesting

Enumeration

Password Spraying

We may spray user passwords with open-source tools as below.

LogoGitHub - dafthack/MFASweep: A tool for checking if MFA is enabled on multiple Microsoft ServicesGitHub
LogoGitHub - 0xZDH/o365spray: Username enumeration and password spraying tool aimed at Microsoft O365.GitHub
PreviousWindows XML EventLog (EVTX)NextMicrosoft Outlook Message (.msg)

Last updated