Member-only story

Password Spraying in Active Directory

Jose Campo
3 min readOct 24, 2024

If you’re working within a Windows environment, DomainPasswordSpray offers a powerful alternative with some unique advantages.

Password Spraying — AI generated image.

Why we do it?

Password spraying is a crucial technique in penetration testing to discover weak or reused passwords without triggering account lockouts.

For Windows, DomainPasswordSpray stands out for a few key reasons:

🔹 It can include AD valid users when performing password spraying if you’re authenticated. This feature automates the inclusion of valid users from the AD, saving time and effort.
🔹 Ability to use an external user list when you don’t have credentials. This flexibility can be a game changer when you have limited information but still need to spray passwords.
🔹 Avoids account lockouts by skipping users restricted to only 1 login attempt. Protecting against accidental lockouts is critical in avoiding detection during pentests.

How to Use DomainPasswordSpray:

To start, you need to import the module into PowerShell. Here’s the simple command:

Import-Module .\DomainPasswordSpray.ps1

Once imported, we run it this way:

Invoke-DomainPasswordSpray -Password…

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Or, continue in mobile web

Already have an account? Sign in

Jose Campo
Jose Campo

No responses yet

Write a response