Cyber security

Msprobe – On-Prem Microsoft Solutions Discovery For Security

Discovering and securing on-premises Microsoft solutions is paramount in today’s cybersecurity landscape.

In this article, we delve into ‘msprobe,’ a powerful tool designed to aid in the identification of on-prem Microsoft products.

With its versatile modules, ‘msprobe’ empowers security professionals to pinpoint and assess potential vulnerabilities, ensuring robust protection for organizations.

About

Finding all things on-prem Microsoft for password spraying and enumeration.

The tool will used a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below:

Installing

Install the project using pipx

pipx install git+https://github.com/puzzlepeaches/msprobe.git

Usage

The tool has four different modules that assist with the discovery of on-prem Microsoft products:

  • Exchange
  • RD Web
  • ADFS
  • Skype for Business

The help menu and supported modules are shown below:

Usage: msprobe [OPTIONS] COMMAND [ARGS]...

  Find Microsoft Exchange, RD Web, ADFS, and Skype instances

Options:
  --help  Show this message and exit.

Commands:
  adfs   Find Microsoft ADFS servers
  exch   Find Microsoft Exchange servers
  full   Find all Microsoft supported by msprobe
  rdp    Find Microsoft RD Web servers
  skype  Find Microsoft Skype servers

Examples

Find ADFS servers associated with apex domain:

msprobe adfs acme.com

Find RD Web servers associated with apex domain with verbose output:

msprobe rdp acme.com -v

Find all Microsoft products hostsed on-prem for a domain:

msprobe full acme.com
Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

1 day ago

ROADTools: The Modern Azure AD Exploration Framework

ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…

4 days ago

How to Enumerate Microsoft 365 Groups Using PowerShell and Python

Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…

4 days ago

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…

5 days ago

PPLBlade: Advanced Memory Dumping and Obfuscation Tool

PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…

5 days ago

HikPwn : Simple Scanner For Hikvision Devices With Basic Vulnerability Scanning

HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…

6 days ago