-
Notifications
You must be signed in to change notification settings - Fork 13
Home
mvelazc0 edited this page Apr 24, 2019
·
3 revisions
Password spraying is an effective technique available to adversaries that allows them to gain access or escalate privileges on Windows environments. This technique can be executed in different variations like using Kerberos or NTLM, targeting a domain host or several, using domain or local accounts, etc.
Different scenarios will leave different forensic artifacts behind which may require different detection analytics.
By automating the simulation of password spray attacks using different scenarios in properly monitored environments, PurpleSpray will generate relevant telemetry that can be used by detection teams to test the resilience of detection analytics.