CredMaster
CredMaster copied to clipboard
knavesec
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Hello, Recently came across a problem with this tool all of a sudden. Upon trying to run a spray I receive an error:  The simple command I've tried running...
Currently, CredMaster cannot fall through to boto3's auth. In other words, using the `default` AWS profile or AWS environment variables for configuration is impossible without passing flags (i.e. `--profile_name default`...
While attempting to use the OWA/EWS plugins I am getting "Authentication Failed:" with a valid credential. O365 module works as expected for the same credentials. Possibly an issue with NTLM...
https://github.com/Optiv/Go365 Optiv's Go365 tool does some awesome bruteforcing & enum for Office365 tenants. Would be great to have a CredMaster plugin for it, with an optional `--endpoint` flag to specify...
I'm attempting to spray an ADFS endpoint with a list of email addresses validated using [OneDriveEnum](https://github.com/nyxgeek/onedrive_user_enum). I've tried specifying the URL according to the instructions, but also as `https://federation.target.com/adfs/ls/`. Neither...
Hi, Thank you so much for your great work on this tool. I have been using it for the last 2 years and loving the work! Unfortunately, when spraying o365...
Hello, I recently found out the the o365 module uses the autodiscover login (https://autodiscover-s.outlook.com) with BasicAuth to do the spraying. Recently, Microsoft have block Basic Auth authentication on all tenant...
During a standard run of CredMaster, I encountered an issue where the delay setting in my conf file was skipped completely and the next password run started immediately. I had...
```bash ──(venv)─(kali㉿kali)-[~/git/CredMaster] └─$ aws sso login --profile redteam-pwr Attempting to automatically open the SSO authorization page in your default browser. If the browser does not open or you wish to...
Calling via credmaster, we get  (Note: I added a `print(response.json())` at line 59 to get the json.) ```json { "Username": "[email protected]", "Display": "[email protected]", "IfExistsResult": 1, "IsUnmanaged": false, "ThrottleStatus": 0,...