Tag Archives: Password Cracking Tools

trident – Automated Password Spraying Tool

Post Syndicated from Darknet original https://www.darknet.org.uk/2020/10/trident-automated-password-spraying-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

trident – Automated Password Spraying Tool

The Trident project is an automated password spraying tool developed to be deployed across multiple cloud providers and provides advanced options around scheduling and IP pooling.

trident was designed and built to fulfill several requirements and to provide:

  • the ability to be deployed on several cloud platforms/execution providers
  • the ability to schedule spraying campaigns in accordance with a target’s account lockout policy
  • the ability to increase the IP pool that authentication attempts originate from for operational security purposes
  • the ability to quickly extend functionality to include newly-encountered authentication platforms

Using trident Password Spraying Tool

Usage:
trident-cli campaign [flags]

Flags:
-a, –auth-provider string this is the authentication platform you are attacking (default "okta")
-h, –help help for campaign
-i, –interval duration requests will happen with this interval between them (default 1s)
-b, –notbefore string requests will not start before this time (default "2020-09-09T22:31:38.643959-05:00")
-p, –passfile string file of passwords (newline separated)
-u, –userfile string file of usernames (newline separated)
-w, –window duration a duration that this campaign will be active (ex: 4w) (default 672h0m0s)

Example output:

$ trident-client results
+—-+——————-+————+——-+
| ID | USERNAME | PASSWORD | VALID |
+—-+——————-+————+——-+
| 1 | [email protected] | Password1!

Read the rest of trident – Automated Password Spraying Tool now! Only available at Darknet.

SharpHose – Asynchronous Password Spraying Tool

Post Syndicated from Darknet original https://www.darknet.org.uk/2020/07/sharphose-asynchronous-password-spraying-tool/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

SharpHose – Asynchronous Password Spraying Tool

SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike’s execute-assembly.

It provides a flexible way to interact with Active Directory using domain-joined and non-joined contexts, while also being able to target specific domains and domain controllers. The tool takes into consideration the domain password policy, including fine-grained password policies, in an attempt to avoid account lockouts.

Read the rest of SharpHose – Asynchronous Password Spraying Tool now! Only available at Darknet.