{"id":13623399,"url":"https://github.com/dafthack/DomainPasswordSpray","last_synced_at":"2025-04-15T14:32:54.314Z","repository":{"id":41271457,"uuid":"70015235","full_name":"dafthack/DomainPasswordSpray","owner":"dafthack","description":"DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!","archived":false,"fork":false,"pushed_at":"2024-07-11T18:18:57.000Z","size":66,"stargazers_count":1862,"open_issues_count":20,"forks_count":385,"subscribers_count":49,"default_branch":"master","last_synced_at":"2025-04-11T19:55:12.258Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dafthack.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-10-04T23:37:37.000Z","updated_at":"2025-04-08T11:16:59.000Z","dependencies_parsed_at":"2023-02-15T11:15:34.152Z","dependency_job_id":"e2992988-8c24-4766-9acd-1ff1783e0801","html_url":"https://github.com/dafthack/DomainPasswordSpray","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dafthack%2FDomainPasswordSpray","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dafthack%2FDomainPasswordSpray/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dafthack%2FDomainPasswordSpray/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dafthack%2FDomainPasswordSpray/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dafthack","download_url":"https://codeload.github.com/dafthack/DomainPasswordSpray/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248944909,"owners_count":21187240,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T21:01:31.332Z","updated_at":"2025-04-15T14:32:54.022Z","avatar_url":"https://github.com/dafthack.png","language":"PowerShell","readme":"# DomainPasswordSpray\nDomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!\n\n## Quick Start Guide\nOpen a PowerShell terminal from the Windows command line with 'powershell.exe -exec bypass'.\n\nType 'Import-Module DomainPasswordSpray.ps1'.\n\nThe only option necessary to perform a password spray is either -Password for a single password or -PasswordList to attempt multiple sprays. When using the -PasswordList option Invoke-DomainPasswordSpray will attempt to gather the account lockout observation window from the domain and limit sprays to one per observation window to avoid locking out accounts.\n\nThe following command will automatically generate a list of users from the current user's domain and attempt to authenticate using each username and a password of Spring2017.\n```PowerShell\nInvoke-DomainPasswordSpray -Password Spring2017\n```\n\nThe following command will use the userlist at users.txt and try to authenticate to the domain \"domain-name\" using each password in the passlist.txt file one at a time. It will automatically attempt to detect the domain's lockout observation window and restrict sprays to one attempt during each window. The results of the spray will be output to a file called sprayed-creds.txt\n```PowerShell\nInvoke-DomainPasswordSpray -UserList users.txt -Domain domain-name -PasswordList passlist.txt -OutFile sprayed-creds.txt\n```\n\n### Invoke-DomainPasswordSpray Options\n```\nUserList          - Optional UserList parameter. This will be generated automatically if not specified.\nPassword          - A single password that will be used to perform the password spray.\nPasswordList      - A list of passwords one per line to use for the password spray (Be very careful not to lockout accounts).\nOutFile           - A file to output the results to.\nDomain            - A domain to spray against.\nForce             - Forces the spray to continue without prompting for confirmation.\n\n```\n## Get-DomainUserList Module\nThe function Get-DomainUserList allows you to generate a userlist from the domain. It has options to remove disabled accounts and those that are about to be locked out. This is performed automatically in DomainPasswordSpray if no user list is specified. \n\nThis command will write the domain user list without disabled accounts or accounts about to be locked out to a file at \"userlist.txt\".\n```PowerShell\nGet-DomainUserList -Domain domainname -RemoveDisabled -RemovePotentialLockouts | Out-File -Encoding ascii userlist.txt\n```\n","funding_links":[],"categories":["Privilege Escalation Tools","PowerShell","[↑](#table-of-contents) [Credential Access](https://attack.mitre.org/tactics/TA0006/)","PowerShell (153)","Operating Systems"],"sub_categories":["Password Spraying Tools","[T1110 - Brute Force](https://attack.mitre.org/techniques/T1110)","Windows"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdafthack%2FDomainPasswordSpray","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdafthack%2FDomainPasswordSpray","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdafthack%2FDomainPasswordSpray/lists"}