Go offline with the Player FM app!
Attacking Exchange/OWA to Gain Access to AD Accounts - Tradecraft Security Weekly #3
Manage episode 180935076 series 1456935
Microsoft Exchange and Office365 are extremely popular products that organizations use for enterprise email. These services can be exploited by remote attackers to potentially gain access to Active Directory user credentials. In this Tradecraft Security Weekly episode Beau Bullock (@dafthack) demonstrates how to utilize MailSniper to enumerate internal domains, enumerate usernames, perform password spraying attacks, and get the global address list from Exchange and Office365 portals.
Links: MailSniper - https://github.com/dafthack/MailSniper
14 episodes
Manage episode 180935076 series 1456935
Microsoft Exchange and Office365 are extremely popular products that organizations use for enterprise email. These services can be exploited by remote attackers to potentially gain access to Active Directory user credentials. In this Tradecraft Security Weekly episode Beau Bullock (@dafthack) demonstrates how to utilize MailSniper to enumerate internal domains, enumerate usernames, perform password spraying attacks, and get the global address list from Exchange and Office365 portals.
Links: MailSniper - https://github.com/dafthack/MailSniper
14 episodes
All episodes
×Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.