I’m a red teamer,.I do work similar to pentesting and use many of the same tools. This year, I’ve added several tools to my toolbox. I’ll introduce them to you below. I hope you find them valuable, as well.

DoubleTap (by @4lex)

I <heart> password spraying attacks where you guess a few common passwords against a large list of users. Why? Because it works! I used to get a little bummed when I would come up against a web application like Office365 where the login is a multi-step process. Such web apps required extra time to create a script to do the password spraying. In this case, DoubleTap is your best friend. DoubleTap is a password spraying tool that can be quickly configured to password spray any web portal no matter the number of steps it takes. You simply tell it the name of the username and password fields where it should substitute in your values and the names of the buttons to “push” after entering the data. It comes with a module already set up and ready to go for spraying Office365, and you can easily add your own modules. Check it out here.

GatherContacts (by @OrOneEqualsOne)

How do you build a list of usernames for use in your password spraying script? GatherContacts is a Burp Suite Extension that pulls employee names from Google and Bing search results. The searches specifically pulled names from LinkedIn for the company name you specify. Follow the link for tips and tricks for massaging this list into various user name formats.

Doxy Cannon (by @4lex)

Of course, if you are a password spraying addict, you will no doubt run into a situation where your IP address gets blocked from accessing the target server. In last year’s Toolbox Additions post, (Read more...)