search

dirkjanm / ROADtools

A collection of Azure AD/Entra tools for offensive and defensive security purposes
MIT License
1.92k stars 269 forks source link

Add directorysettings to the gui #95

Closed vikerup closed 4 months ago

vikerup commented 5 months ago

Hi Dirk-jan

I think there is a hidden gem in your SQLite database that contains information regarding password settings but more importantly, potentially a list of Banned Passwords. This information could be very useful for instance if a successful phish is landed and you can enumerate the EntraID. Then you'll have the possibility to password-spray known user accounts and Banned Passwords can be excluded from the attempts.

I am a great fan of your work and if you ever visit Sweden i'll buy you a Grolsch! Take care!

roadtools_directorysettings

dirkjanm commented 4 months ago

very cool addition! Didn't know it was actually in there...

merged it in :)