AD Privilege Escalation
  • Iperius Backup Service Privilege Escalation
  • ManageEngine ADSelfService Plus PrivEsc
  • Mimikatz
  • Outlook Reminder Privilege Escalation
  • UAC Windows Privilege Escalation
  • Windows PrivEsc with Kerberos
  • Windows PrivEsc with LocalPotato
  • Windows PrivEsc with Registry Keys
  • Windows PrivEsc with RemotePotato
  • Windows PrivEsc with SeBackupPrivilege
  • Windows PrivEsc with Unquoted Service Path
  • Windows Privilege Escalation
  • Windows Pivoting
  • AD CS (Active Directory Certificate Services) Pentesting
  • Dumping Windows Password Hashes
  • WSL Pentesting
  • Windows Memory Dump Analysis
  • Windows Remote Code Execution from Linux
  • Windows XML EventLog (EVTX)
  • M365 (Microsoft Office 365) Pentesting
  • Microsoft Outlook Message (.msg)
  • Microsoft Word Pentesting
  • Reading OneDrive Logs
Powered by GitBook
On this page

M365 (Microsoft Office 365) Pentesting

PreviousWindows XML EventLog (EVTX)NextMicrosoft Outlook Message (.msg)

Last updated 1 year ago

We may spray user passwords with open-source tools as below.

Enumeration
Password Spraying
Page cover image
LogoGitHub - dafthack/MFASweep: A tool for checking if MFA is enabled on multiple Microsoft ServicesGitHub
LogoGitHub - 0xZDH/o365spray: Username enumeration and password spraying tool aimed at Microsoft O365.GitHub