Kali Linux

goEnumBruteSpray : User Enumeration And Password Bruteforce On Azure, ADFS, OWA, O365 And Gather Emails On Linkedin

goEnumBruteSpray is recommended module is o365 for user enumeration and passwords bruteforce / spray . Additional information can be retrieved to avoid account lockout, to know that the password is good but expired, MFA enabled,…

Linkedin

This module should be used to retrieve a list of email addresses before validating them through a user enumeration module. The company will be searched on Linkedin and all people working at these companies will be returned in the specified format.

The Linkedin’s session cookie li_at is required.

SearchEngine

This module should be used to retrieve a list of email addresses before validating them through a user enumeration module. The company name will be searched on Google and Bing with a dork to find people working in the company (site:linkedin.com/in+"%s"). The results title will be parsed to output email addresses in the specified format.

Azure

User enumeration

The Azure module is only available to enumerate the users of a tenant. The authentication request will be made on https://autologon.microsoftazuread-sso.com, a detailed response shows if the account does not exist, a MFA is required, if the account is locked, …

ADFS

Passwords bruteforce / spray

The ADFS module is only available to bruteforce or spray a password. The authentication request is sent to https://<target>/adfs/ls/idpinitiatedsignon.aspx?client-request-id=<randomGUID>&pullStatus=0. An error message can informs the user if the password is expired

O365

This module allows to enumerate users and bruteforce / spray passwords.

User enumeration

Several modes are available: office, oauth2 and onedrive (not implemented yet). The office mode is recommended as no authentication is made. Oauth2 can retrieve additional information through AADSTS error code (MFA enable, locked account, disabled account)

Passwords bruteforce / spray

As for the user enumeration, two modes are available: oauth2 and autodiscover (not implemented yet). The Oauth2 is the recommended mode, it allows to get much information thanks to the AADSTS error code.

OWA

This module allows to enumerate users and bruteforce / spray passwords.

User enumeration

Enumeration is made with authentication requests. Authentication for a non-existent user will take longer than for a valid user. At first, the average response time for an invalid user will be calculated and then the response time for each authentication request will be compared.

Passwords bruteforce / spray

Please note that no account locking mechanism can be implemented because no information about it is returned.

R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

3 hours ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

4 hours ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

23 hours ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

23 hours ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

23 hours ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

3 days ago