{"id":48672723,"url":"https://github.com/knavesec/CredMaster","last_synced_at":"2026-04-26T07:00:46.673Z","repository":{"id":39450934,"uuid":"298678001","full_name":"knavesec/CredMaster","owner":"knavesec","description":"Refactored \u0026 improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling","archived":false,"fork":false,"pushed_at":"2025-03-19T20:36:21.000Z","size":234,"stargazers_count":1049,"open_issues_count":19,"forks_count":138,"subscribers_count":15,"default_branch":"master","last_synced_at":"2025-03-19T21:38:46.950Z","etag":null,"topics":["brute-force","hacktoberfest","leet-haxor-toolz","password-spray"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/knavesec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-09-25T20:57:42.000Z","updated_at":"2025-03-19T20:36:26.000Z","dependencies_parsed_at":"2024-08-11T23:30:53.521Z","dependency_job_id":null,"html_url":"https://github.com/knavesec/CredMaster","commit_stats":{"total_commits":151,"total_committers":16,"mean_commits":9.4375,"dds":0.6821192052980132,"last_synced_commit":"2d8092d7fae6cc9bdfba47957f2153a3c50d2c98"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/knavesec/CredMaster","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knavesec%2FCredMaster","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knavesec%2FCredMaster/tags","releases_url":"http
s://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knavesec%2FCredMaster/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knavesec%2FCredMaster/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/knavesec","download_url":"https://codeload.github.com/knavesec/CredMaster/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/knavesec%2FCredMaster/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32288653,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-26T06:26:00.361Z","status":"ssl_error","status_checked_at":"2026-04-26T06:25:58.791Z","response_time":129,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","hacktoberfest","leet-haxor-toolz","password-spray"],"created_at":"2026-04-10T13:00:21.814Z","updated_at":"2026-04-26T07:00:46.666Z","avatar_url":"https://github.com/knavesec.png","language":"Python","funding_links":[],"categories":["Password Generation"],"sub_categories":["Spraying Tools"],"readme":"# CredMaster #\n\nLaunch a password spray / brute force attack via Amazon AWS passthrough proxies, shifting the requesting IP address for every authentication attempt. This dynamically creates FireProx APIs for more evasive password sprays.  
\n\nShoutout to [@ustayready](https://twitter.com/ustayready) for his [CredKing](https://github.com/ustayready/CredKing) and [FireProx](https://github.com/ustayready/fireprox) tools, which form the base of this suite.\n\nSee the full notes on the [Wiki](https://github.com/knavesec/CredMaster/wiki); the tool was released with specifics in this [blogpost](https://whynotsecurity.com/blog/credmaster/).\n\nFor detection tips, see the blogpost and detection section.\n\n**Be careful of account lockouts; know the reset policies of your target**\n\n## TL;DR\n1. git clone the repo down\n2. If unsure how to create correct keys, see this [blog](https://bond-o.medium.com/aws-pass-through-proxy-84f1f7fa4b4b).\n3. `pip install -r requirements.txt`\n4. Fill out the config file ([wiki](https://github.com/knavesec/CredMaster/wiki/Config-File)) with desired options, or provide through CLI\n\n\n## Benefits \u0026 Features ##\n\n* Rotates the requesting IP address for every request\n* Automatically generates APIs for proxy passthru\n* Spoofs API tracking numbers, forwarded-for IPs, and other proxy tracking headers = fully [anonymous](https://github.com/knavesec/CredMaster/wiki/Anonymity)\n* Easy configuration via config file\n* Multi-threaded processing\n* Password delay counters \u0026 configuration for lockout policy evasion\n* Easily add new plugins\n* Colourised output\n* Notification systems for Keybase, Slack, Discord, Teams \u0026 Pushover\n* [WeekdayWarrior](https://github.com/knavesec/CredMaster/wiki/Weekday-Warrior) setting for timed spraying and SOC evasion\n\n![general](https://raw.githubusercontent.com/whynotsecurity/whynotsecurity.github.io/master/assests/images/credmaster-screenshots/credmaster-default.png)\n\n\n## Quick Use ##\n\nThe following plugins are currently supported:\n\n* [OWA](https://github.com/knavesec/CredMaster/wiki/OWA) - Outlook Web Access\n  * `--plugin owa`\n* [EWS](https://github.com/knavesec/CredMaster/wiki/EWS) - Exchange Web Services\n  * `--plugin 
ews`\n* [O365](https://github.com/knavesec/CredMaster/wiki/O365) - Office365 - DEPRECATED\n  * `plugin removed`\n* [ADFS](https://github.com/knavesec/CredMaster/wiki/ADFS) - Active Directory Federation Services\n  * `--plugin adfs`\n* [O365Enum](https://github.com/knavesec/CredMaster/wiki/O365Enum) - Office365 User Enum (No Authentication Request)\n  * `--plugin o365enum`\n* [MSOL](https://github.com/knavesec/CredMaster/wiki/MSOL) - Microsoft Online\n  * `--plugin msol`\n* [MSGraph](https://github.com/knavesec/CredMaster/wiki/MSGraph) - MSGraph Module, msgraph spray point for azure and MSOL credentials\n  * `--plugin msgraph`\n* [AzureSSO](https://github.com/knavesec/CredMaster/wiki/AzureSSO) - Azure AD Seamless SSO Endpoint\n  * `--plugin azuresso`\n* [AzVault](https://github.com/knavesec/CredMaster/wiki/AzureVault) - AzVault Module, Azure spray point different to MSOL/AzureSSO\n  * `--plugin azvault`\n* [Okta](https://github.com/knavesec/CredMaster/wiki/Okta) - Okta Authentication Portal\n  * `--plugin okta`\n* [FortinetVPN](https://github.com/knavesec/CredMaster/wiki/FortinetVPN) - Fortinet VPN Client\n  * `--plugin fortinetvpn`\n* [HTTPBrute](https://github.com/knavesec/CredMaster/wiki/HTTPBrute) - Generic HTTP Brute Methods (Basic/Digest/NTLM)\n  * `--plugin httpbrute`\n* [GMailEnum](https://github.com/knavesec/CredMaster/wiki/GmailEnum) - GSuite/Gmail enumeration\n  * `--plugin gmailenum`\n* [PingFed](https://github.com/knavesec/CredMaster/wiki/PingFed) - Ping Federated Authentication\n  * `--plugin pingfed`\n* [HTTPPost](https://github.com/knavesec/CredMaster/wiki/HTTPPost) - Generic HTTP POST with custom body and headers\n  * `--plugin httppost`\n\n\nExample Use:\n```\npython3 credmaster.py --plugin {pluginname} --access_key {key} --secret_access_key {key} -u userfile -p passwordfile -a useragentfile {otherargs}\n```\n\nor\n\n```\npython3 credmaster.py --config config.json\n```\n\nThis tool requires AWS API access keys, a walkthrough on how to acquire these 
keys can be found here: https://bond-o.medium.com/aws-pass-through-proxy-84f1f7fa4b4b\n\nAll other usage details can be found [on the wiki](https://github.com/knavesec/CredMaster/wiki/Usage)\n\n\n## TODO ##\n\nPRs welcome :)\n\n* New Plugin: [Optiv's Go365 Method](https://github.com/optiv/Go365) - Includes Office365 auth and userenum capabilities via SOAP\n* \"Resume\" functionality for paused/cancelled scans. Ideally storing data for APIs used, if they were destroyed and what user/pwd the spray was on\n* Method to reliably determine if an auth attempt was throttled, so the username could be re-queued and tried again later for full cover (would have to be per-plugin, return \"throttled\" boolean value in plugin script, requeue if throttled)\n* Notification system for webhooks (Teams TODO)\n* Stop on success flag\n* Spray profile overhaul\n* Development notes\n* Spray username==password\n\n\n## Credits ##\n\n- Mike Felch ([ustayready](https://twitter.com/ustayready)) - CredKing \u0026 FireProx\n- Beau Bullock ([dafthack](https://twitter.com/dafthack)) - MSOLSpray tool\n- Martin Ingesen ([mrtn9](https://twitter.com/Mrtn9)) - MSOLSpray Python tool\n- Oliver Morton ([grimhacker](https://twitter.com/grimhacker)) - Office365UserEnum tool\n- Marcello ([byt3bl33d3r](https://twitter.com/byt3bl33d3r)) - SprayingToolkit\n- Erforschr - HTTP Bruteforce tool\n- Florian Hauser ([frycos](https://twitter.com/frycos) from [codewhitesec](https://twitter.com/codewhitesec)) - ADFS plugin\n- [nyxgeek](https://twitter.com/nyxgeek) - Azure AD Seamless SSO python implementation\n- Joe Helle ([joehelle](https://twitter.com/joehelle)) - Oh365UserFinder\n- Cameron Geehr ([BarrelTit0r](https://twitter.com/BarrelTit0r)) - o365enum tool\n- Max Gruenberg ([Max_Gruenberg](https://twitter.com/Max_Gruenberg)) - o365enum plugin\n- [x0rz](https://twitter.com/x0rz) - GmailEnum technique\n- Kole Swesey ([0xPanic_](https://twitter.com/0xPanic_)) - Assorted PR\n- Logan 
([TheToddLuci0](https://infosec.exchange/@TheToddLuci0)) - Assorted bug squashing, AWS authing, and Keybase notifying\n- Andy Gill ([ZephrFish](https://twitter.com/ZephrFish)) - Colour functions + Tweaks/Notifications, helping on dev rewrite, AzVault module\n- Hugo VINCENT ([@hugow](https://twitter.com/hugow_vincent)) - Batch size / delay\n- Dennis Herrmann ([dhn_](https://twitter.com/dhn_) from [CODE WHITE GmbH](https://twitter.com/codewhitesec)) - Ntfy notifying support\n- Jason Juntunen ([missing0x00](https://twitter.com/missing0x00)) - PingFed plugin\n- Gustavo Penna ([moreirapenna2](https://github.com/moreirapenna2)) - HTTP POST plugin\n\nFeel free to drop me a line\n- \\@knave on Keybase\n- [Twitter - knavesec](https://twitter.com/knavesec)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknavesec%2FCredMaster","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fknavesec%2FCredMaster","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fknavesec%2FCredMaster/lists"}