A DOM-based G-Suite password sprayer and user enumerator

Related tags

Security related resourcesgsprayer
Overview
.d8888b.   .d8888b.  8888888b.  8888888b.         d8888 Y88b   d88P 8888888888 8888888b.
d88P  Y88b d88P  Y88b 888   Y88b 888   Y88b       d88888  Y88b d88P  888        888   Y88b
888    888 Y88b.      888    888 888    888      d88P888   Y88o88P   888        888    888
888         "Y888b.   888   d88P 888   d88P     d88P 888    Y888P    8888888    888   d88P
888  88888     "Y88b. 8888888P"  8888888P"     d88P  888     888     888        8888888P"
888    888       "888 888        888 T88b     d88P   888     888     888        888 T88b
Y88b  d88P Y88b  d88P 888        888  T88b   d8888888888     888     888        888  T88b
 "Y8888P88  "Y8888P"  888        888   T88b d88P     888     888     8888888888 888   T88b

A DOM-based G-Suite password sprayer and user enumerator

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.

Installing

First, clone the repository

git clone https://github.com/yok4i/gsprayer.git

Once inside it, run poetry to install the dependencies

poetry install

Alternatively, you can install them with pip

pip install -r requirements.txt

Help

Use -h to show the help menu

poetry run ./gsprayer.py -h

usage: gsprayer.py [-h] [-t TARGET] (-u USERNAME | -U FILE) [-o OUTPUT] [-r N] [--headless] [--proxy PROXY] [--wait WAIT] [-v]
                   {enum,spray} ...

G-Suite Password Sprayer.

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Target URL (default: https://accounts.google.com/)
  -u USERNAME, --username USERNAME
                        Single username
  -U FILE, --usernames FILE
                        File containing usernames
  -o OUTPUT, --output OUTPUT
                        Output file (default depends on subcommand)
  -r N, --reset-after N
                        Reset browser after N attempts (default: 1)
  --headless            Run in headless mode
  --proxy PROXY         Proxy to pass traffic through: 
   
    
  --wait WAIT           Time to wait (in seconds) when looking for DOM elements (default: 3)
  -v, --verbose         Verbose output

subcommands:
  valid subcommands

  {enum,spray}          additional help
    enum                Perform user enumeration
    spray               Perform password spraying

There is also help menu for each subcommand:

poetry run ./gsprayer.py 
   
     -h

Examples

Enumerate valid accounts from a company using G-Suite, in headless mode

poetry run ./gsprayer.py -r 50 -U emails.txt --headless enum

Perform password spraying using a proxy and waiting 30 minutes between each password iteration

poetry run ./gsprayer.py -r 1 -U emails.txt -P passwords.txt --proxy 127.0.0.1:9050 spray --lockout 30

Note

If you are using a proxy with a protocol other than HTTP, you should specify the schema like socks5://127.0.0.1:9050.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

License

This project is licensed under the MIT License - see the LICENSE file for details

Acknowledgments

Disclaimer

This tool is intended for educational purpose or for use in environments where you have been given explicit/legal authorization to do so.

You might also like...
This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack
This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

This is simple python FTP password craker. To crack FTP login using wordlist based brute force attack

Varun Jagtap 5 Oct 8, 2022
Generates password lists/dictionaries based on keywords written in python3.

dicbyru Introduction Generates password lists/dictionaries based on keywords. It uses the keywords and adds capital letters, numbers and special chara

ru55o 2 Oct 31, 2022
A powerful password generator utility which utilizes the slot technique to generate strong passwords of required length having combinations of lower and upper characters, digits and symbols.

Bitpass Password Generator Installation Make sure Python 3+ is installed

Vaibhaw 6 Feb 2, 2022
This is a js front-end encryption blasting account and password tools

Author:0xAXSDD By Gamma安全实验室 version:1.0 explain:这是一款用户绕过前端js加密进行密码爆破的工具,你无需在意js加密的细节,只需要输入你想要爆破url,以及username输入框的classname,password输入框的clas

null 75 Nov 25, 2022
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
Password-Manager - This app can generate ,save , find and delete passwords.

Password-Manager This app can generate ,save , find and delete passwords. In the StartUp() Function , there are three buttons to choose from : Generat

null 1 Jan 1, 2022
You can crack any zip file and get the password.
You can crack any zip file and get the password.

Zip-Cracker Video Lesson : This is a Very powerfull Zip File Crack tool for termux users. Check 500 000 Passwords in 30 seconds Unique Performance Che

Razor Kenway 13 Oct 24, 2022
Pgen is the best brute force password generator and it is improved from the cupp.py
Pgen is the best brute force password generator and it is improved from the cupp.py

pgen Pgen is the best brute force password generator and it is improved from the cupp.py The pgen tool is dedicated to Leonardo da Vinci -Time stays l

heyheykids 2 Jan 31, 2022
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Matt Creel 27 Dec 20, 2022
Comments
  • Stacktrace after email input and before clicking next

    Stacktrace after email input and before clicking next

    Hi, I have try using with the firefox driver since my chromium isn't working properly and the following stack trace is return after entering the email in the identifierID field and just before clicking next.

    Stacktrace:
[email protected]://remote/content/shared/webdriver/Errors.jsm:181:5
[email protected]://remote/content/shared/webdriver/Errors.jsm:393:5
element.find/</<@chrome://remote/content/marionette/element.js:305:16

    Look like it has a hard time finding the element for next but the xpath seems good Any idea? Thanks for your help

    opened by Gimpy42 0
  • Bug:

    Bug:

    I would love to use this tool, but I can't figure out why this command is failing with a stack trace error. Also, verbose mode does not seem to provide any additional information.

    $ poetry run ./gsprayer.py -u '<known_valid_gmail_account>' -v --rua -o ./ -H enum

.d8888b.   .d8888b.  8888888b.  8888888b.         d8888 Y88b   d88P 8888888888 8888888b.  
d88P  Y88b d88P  Y88b 888   Y88b 888   Y88b       d88888  Y88b d88P  888        888   Y88b 
888    888 Y88b.      888    888 888    888      d88P888   Y88o88P   888        888    888 
888         "Y888b.   888   d88P 888   d88P     d88P 888    Y888P    8888888    888   d88P 
888  88888     "Y88b. 8888888P"  8888888P"     d88P  888     888     888        8888888P"  
888    888       "888 888        888 T88b     d88P   888     888     888        888 T88b   
Y88b  d88P Y88b  d88P 888        888  T88b   d8888888888     888     888        888  T88b  
 "Y8888P88  "Y8888P"  888        888   T88b d88P     888     888     8888888888 888   T88b 



   > target         :  https://accounts.google.com/
   > driver         :  chrome
   > username       :  <redacted>
   > output         :  valid_users.txt
   > reset_after    :  1
   > wait           :  3 seconds
   > captchatimeout :  30
   > headless       :  True
   > rua            :  True
   > verbose        :  True
   > cmd            :  enum

>----------------------------------------<

[*] Current username: <redacted>
[ERROR] Message: 
Stacktrace:
#0 0x55b01f87f693 <unknown>
#1 0x55b01f678b0a <unknown>
#2 0x55b01f6b15f7 <unknown>
#3 0x55b01f6b17c1 <unknown>
#4 0x55b01f6e4804 <unknown>
#5 0x55b01f6ce94d <unknown>
#6 0x55b01f6e24b0 <unknown>
#7 0x55b01f6ce743 <unknown>
#8 0x55b01f6a4533 <unknown>
#9 0x55b01f6a5715 <unknown>
#10 0x55b01f8cf7bd <unknown>
#11 0x55b01f8d2bf9 <unknown>
#12 0x55b01f8b4f2e <unknown>
#13 0x55b01f8d39b3 <unknown>
#14 0x55b01f8a8e4f <unknown>
#15 0x55b01f8f2ea8 <unknown>
#16 0x55b01f8f3052 <unknown>
#17 0x55b01f90d71f <unknown>
#18 0x7f95b6487b27 <unknown>


==============================
[*] Username Enumeration Stats
==============================
[*] Total Usernames Tested:  0
[*] Valid Usernames:         0
[*] Invalid Usernames:       0
    opened by nimmicus 1
Releases(v0.1.0)

  • v0.1.0(Feb 10, 2022)

    First working version. Main features:

    • proxy support;
    • usernames and passwords lists;
    • reset browser after n attempts;
    • enumerate g-suite users;
    • perform password spraying.
    Source code(tar.gz)
    Source code(zip)
Owner
Mayk
Mayk
GitHub Repository
POC using subprocess lib in Python 🐍

POC subprocess ☞ POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le

Guillaume Falourd 2 Nov 28, 2022
CVE-2021-22205 Unauthorized RCE

CVE-2021-22205 影响版本: Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog

r0eXpeR 70 Nov 09, 2022
Apache OFBiz rmi反序列化EXP(CVE-2021-26295)

Apache OFBiz rmi反序列化EXP(CVE-2021-26295) 目前仅支持nc弹shell 将ysoserial.jar放置在同目录下,py3运行,根据提示输入漏洞url,你的vps地址和端口 第二次使用建议删除exp.ot 本工具仅用于安全测试,禁止未授权非法攻击站点,否则后果自负

15 Nov 09, 2022
MD5-CRACKER - A gmail brute force app created with python3

MD5-CRACKER So this is my first app i created with python3 . if you guys downloa

2 Nov 10, 2022
MozDef: Mozilla Enterprise Defense Platform

MozDef: Documentation: https://mozdef.readthedocs.org/en/latest/ Give MozDef a Try in AWS: The following button will launch the Mozilla Enterprise Def

Mozilla 2.2k Jan 08, 2023
HTTP security headers for Flask

Talisman: HTTP security headers for Flask Talisman is a small Flask extension that handles setting HTTP headers that can help protect against a few co

Google Cloud Platform 854 Dec 30, 2022
CVE-log4j CheckMK plugin

CVE-2021-44228-log4j discovery (Download the MKP package) This plugin discovers vulnerable files for the CVE-2021-44228-log4j issue. To discover this

4 Jan 08, 2022
GitHub Advance Security Compliance Action

advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca

Mathew Payne 121 Dec 14, 2022
An automated header extensive scanner for detecting log4j RCE CVE-2021-44228

log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.

2 Dec 16, 2021
Confluence Server Webwork OGNL injection

CVE-2021-26084 - Confluence Server Webwork OGNL injection An OGNL injection vulnerability exists that would allow an authenticated user and in some in

Fellipe Oliveira 295 Jan 06, 2023
Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack

O365DevicePhish Microsoft365_devicePhish Abusing Microsoft 365 OAuth Authorization Flow for Phishing Attack This is a simple proof-of-concept script t

Trewis [work] Scotch 4 Sep 23, 2022
Provides script to download and format public IP lists related to the Log4j exploit.

Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.

Gianluca Ulivi 1 Jan 02, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

Aiminsun 165 Dec 21, 2022
Scarecrow is a tool written in Python3 allowing you to protect your Python3 scripts.

🕷️ Scarecrow 🕷️ Scarecrow is a tool written in Python3 allowing you to protect your Python3 scripts. It looks for processes with specific names to v

Billy 33 Sep 28, 2022
A tool to extract the IdP cert from vCenter backups and log in as Administrator

vCenter SAML Login Tool A tool to extract the Identity Provider (IdP) cert from vCenter backups and log in as Administrator Background Commonly, durin

Horizon 3 AI Inc 343 Dec 31, 2022
一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景

OrderbyHunter 一款辅助探测Orderby注入漏洞的BurpSuite插件,Python3编写,适用于上xray等扫描器被ban的场景 1. 支持Get/Post型请求参数的探测,被动探测,对于存在Orderby注入的请求将会在HTTP Histroy里标红 2. 自定义排序参数list

Automne 21 Aug 12, 2022
Scans for Log4j versions effected by CVE-2021-44228

check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i

inett GmbH 4 Jun 30, 2022
Multi Brute Force Facebook - Crack Facebook With Login - Free For Now

✭ SAKERA CRACK Made With ❤️ By Denventa, Araya, Dapunta Author: - Denventa - Araya Dev - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Cookies ⇨ Ins

Dapunta ID 26 Jan 01, 2023
an impacket-dependent script exploiting CVE-2019-1040

dcpwn an impacket-dependent script exploiting CVE-2019-1040, with code partly borrowed from those security researchers that I'd like to say thanks to.

QAX A-Team 71 Nov 30, 2022
Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method

Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method Hieu Trung Nguyen, Khang Tran and Ngoc Hoang Luong Setup Clone thi

Evolutionary Learning & Optimization (ELO) Lab 6 Jun 29, 2022