https://github.com/0xZDH/Omnispray

Modular Enumeration and Password Spraying Framework
https://github.com/0xZDH/Omnispray

enumeration password-spray pentesting-tools python3 security-tools

Last synced: about 2 months ago
JSON representation

Modular Enumeration and Password Spraying Framework

• Host: GitHub
• URL: https://github.com/0xZDH/Omnispray
• Owner: 0xZDH
• Created: 2021-02-25T07:28:06.000Z (over 5 years ago)
• Default Branch: master
• Last Pushed: 2024-04-10T20:05:46.000Z (about 2 years ago)
• Last Synced: 2026-02-10T06:40:46.283Z (4 months ago)
• Topics: enumeration, password-spray, pentesting-tools, python3, security-tools
• Language: Python
• Homepage:
• Size: 87.9 KB
• Stars: 129
• Watchers: 2
• Forks: 22
• Open Issues: 2
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

• awesome-password-spraying - Omnispray - commit/0xZDH/Omnispray?style=for-the-badge&color=informational) | (Password Generation / Spraying Tools)

README

          
# Omnispray

> Omnispray | Modular Enumeration and Password Spraying Framework -- v0.1.4

Omnispray aims to replace tools such as [o365spray](https://github.com/0xZDH/o365spray) and provide a modular framework to expand enumeration and spraying beyond just a single target/application.

The primary goal is to provide a framework to allow for the easy development and implementation of user enumeration and password spraying techniques for a variety of targets/applications. While there are currently several prebuilt modules included, this tool provides module templates to give users the tools needed to extend the tools usage for non-standard cases. The goal is also to provide a central tool to handle all enumeration and spraying.

## Modules

See [MODULES.md](MODULES.md) for information on custom module development as well as details on included modules (O365, OWA, etc.).

## Usage

| Flag         | Description                                                                                                |

|--------------|------------------------------------------------------------------------------------------------------------|

| -m
--module | Specify the module to run via the modules/ directory.                                                   |

| -d
--domain | Target domain for enumeration/spraying.                                                                 |

| -tenant
--tenant | Target tenant name in case it differs with domain for enumeration/spraying.                       |

| -t
--type   | Module type. If left blank, Omnispray will attempt to autodetect the module type based on the module name. {enum, spray} |

| --url  | Target URL. This is for modules that don't use a standard URL for targeting.                                     |

| -u
--user   | Single username/email to process.                                                                       |

| -us
--users | Multiple users/emails to process. (--users uname1 uname2 uname3 ...)                                    |

| -uf
--userfile  | File containing multiple users/emails to process.                                                   |

| -p
--password   | Single password to process.                                                                         |

| -ps
--passwords | Multiple passwords to process. (--passwords password1 password2 password3 ...)                      |

| -pf
--passwordfile | File containing multiple password to process.                                                    |

| -c
--count   | When password spraying, number of password attempts to run before resetting lockout timer. Default: 1 password per spray rotation |

| -l
--lockout | Password spraying lockout policy reset time (in minutes). Default: 15 minutes                          |

| -s
--split   | When enumerating, number of usernames to group by during execution                                     |

| -w
--wait    | If splitting user enumeration via --split, time to wait between group runs (in minutes). Default: 5 minutes |

| --timeout     | Request timeout in seconds. Default: 25 seconds                                                           |

| --proxy       | Proxy to pass traffic through (e.g. http://127.0.0.1:8080).                                               |

| --proxy-url   | URL of proxy to request instead of the module URL. This is to be used with tools such as FireProx.        |

| --proxy-headers  | Custom headers to use when a --proxy-url has been provided (--proxy-headers "header: value" "header2: value" "header3: value" ...) (e.g. "X-My-X-Forwarded-For: 127.0.0.1" when using FireProx) |

| --outdir      | Directory for results and tested files. Default: results/                                                 |

| --logdir      | Directory for log files. Default: logs/                                                                   |

| --pause       | Sleep (jitter) time before each task is executed in seconds. If set to '-1', a random pause, between 0.250 and 0.750, will occur before each task execution. Default: 0.250 seconds |

| --rate        | Number of concurrent connections during enumeration/spraying. Default: 10 threads                         |

| --version     | Print the tool version                                                                                    |

| --debug       | Print debug information                                                                                   |

### Examples

O365 user enumeration via the Office module.

```

> python3 omnispray.py --type enum -uf users.txt --module o365_enum_office

```

O365 password spraying via the ActiveSync module.

```

> python3 omnispray.py --type spray -uf users.txt -pf passwords.txt \

                       --module o365_spray_activesync \

                       --count 3 --lockout 30

```