Go365 v1.4 - Office365 User Attack Tool


itsMe


Go365

Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365). Go365 uses a unique SOAP API endpoint on login.microsoftonline.com that most other tools do not use. When queried with an email address and password, the endpoint responds with an Azure AD Authentication and Authorization code. This code is then processed by Go365 and the result is printed to a screen or an output file.

* User enumeration is performed in conjunction with a password guess attempt. Thus, there is no specific flag or functionality to perform only user enumeration. Instead, conduct your first password guessing attack, then parse the results for valid users.

Read these three bullets!

    This tool might not work on all domains that utilize o365. Tests show that it works with most federated domains. Some domains will only report valid users even if a valid password is also provided. Your results may vary!
    The domains this tool was tested on showed that it did not actually lock out accounts after multiple password failures. Your results may vary!
    This tool is intended to be used by security professionals that are authorized to “attack” the target organization’s o365 instance.

Changelog v1.4

    Updated Go365 to include the MS “graph” api through the URL login.microsoft.com/common/oauth2/token.
    Specify -endpoint graph to use this new endpoint.

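A defender-side view of the activity described in the post, as an added example that is not part of the original post or of Go365: since the post notes that tested domains did not lock accounts after repeated failures, this check flags a source by how many distinct accounts it fails against rather than by lockout events. The record fields, sample data and thresholds are assumptions to be adapted to your own sign-in log export.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real logs). Field names are assumptions
# modelled on an Azure AD sign-in log export; error_code 0 means success.
def _ev(minute, user, ip, code):
    return {"time": datetime(2024, 1, 8, 9, minute), "user": user,
            "ip": ip, "error_code": code}

SAMPLE_EVENTS = (
    # One source, one failed guess per account, many accounts: spray shape.
    [_ev(i, f"user{i}@example.com", "203.0.113.10", 50126) for i in range(8)]
    # One user mistyping a password repeatedly from another address.
    + [_ev(i, "alice@example.com", "198.51.100.7", 50126) for i in range(6)]
    # A normal successful sign-in.
    + [_ev(3, "bob@example.com", "198.51.100.7", 0)]
)

def find_spray_sources(events, window=timedelta(minutes=30), min_users=5):
    """Return {ip: sorted accounts} for sources whose failed sign-ins hit at
    least `min_users` distinct accounts inside any `window`-long span."""
    failures = defaultdict(list)
    for e in events:
        if e["error_code"] != 0:      # any failure counts; no lockout needed
            failures[e["ip"]].append((e["time"], e["user"]))

    flagged = {}
    for ip, rows in failures.items():
        rows.sort()
        start = 0
        counts = defaultdict(int)     # per-account failures inside the window
        for t_end, user in rows:
            counts[user] += 1
            while t_end - rows[start][0] > window:   # slide the window forward
                old = rows[start][1]
                counts[old] -= 1
                if counts[old] == 0:
                    del counts[old]
                start += 1
            if len(counts) >= min_users:
                flagged[ip] = sorted(set(flagged.get(ip, [])) | set(counts))
    return flagged

if __name__ == "__main__":
    for ip, users in find_spray_sources(SAMPLE_EVENTS).items():
        print(f"{ip}: failed sign-ins against {len(users)} accounts")
```

Counting distinct accounts per source keeps a single user who mistypes a password several times from being flagged, while a low-and-slow pattern can be caught by widening `window`.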
