Recon Tool: msprobe
msprobe
This tool, by puzzlepeaches, finds on-prem Microsoft services for password spraying and enumeration. It uses a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. You can find ADFS servers, RD Web servers, and more. It is useful for recon and for preparing before spraying attacks as part of a Red Team assessment.
Installing
Install the project using pipx:
pipx install git+https://github.com/puzzlepeaches/msprobe.git
Usage
The tool has four different modules that assist with the discovery of on-prem Microsoft products:
- Exchange
- RD Web
- ADFS
- Skype for Business
Examples
Find ADFS servers associated with an apex domain:
msprobe adfs acme.com
Find RD Web servers associated with an apex domain, with verbose output:
msprobe rdp acme.com -v
Find all Microsoft products hosted on-prem for a domain:
msprobe full acme.com
Clone the repo from here: https://github.com/puzzlepeaches/msprobe