Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts.

Overview

Oh365 User Finder

ko-fi

Oh365UserFinder

Oh365UserFinder is used for identifying valid o365 accounts without the risk of account lockouts. The tool parses responses to identify the "IfExistsResult" flag is null or not, and responds appropriately if the user is valid.

Usage

Installing Oh365UserFinder

git clone https://github.com/dievus/Oh365UserFinder.git

Change directories to Oh365UserFinder and run:

pip3 install -r requirements.txt

This will run the install script to add necessary dependencies to your system.

python3 Oh365UserFinder.py -h

This will output the help menu, which contains the following flags:

-h, --help - Lists the help options

-e, --email - Required for running Oh365UserFinder against a single email account

-r, --read - Reads from a text file containing emails (ex. -r emails.txt)

-w, --write - Writes valid emails to a text document (ex. -w validemails.txt)

-t, --threading - Sets a pause between attempts in seconds (ex. -t 60)

-v, --verbose - Outputs test verbosely; note that you must use y to run verbosely (ex. -v y)

Examples of full commands include:

python3 o365UserFinder.py -e [email protected]

python3 Oh365UserFinder.py -r emails.txt -w validemails.txt

python3 Oh365UserFinder.py -r emails.txt -w validemails.txt -t 30 -v y

Notes

Make note that Microsoft does have some defense in place that can, from time to time, provide false positives in feedback. If you suspect that this is occurring take a pause in testing, and return and increase the duration between attempts using the -t flag.

Oh365UserFinderScan

Acknowledgements

This project is based on a previous tool named o365Creeper developed by Korey Mckinley that was last supported in 2019, and developed in Python2.

Comments
  • Invalid 'NoneType' argument for int() function

    Invalid 'NoneType' argument for int() function

    Hi @dievus , first I want to thank you for the great tool.

    As shown in the images below, when using the tool without the -l / --lockout argument, after a LOCKOUT occurrence, an exception occurs that breaks the password spray flow.

    Error : 2022-06-21_15-23

    No Error: 2022-06-21_15-25

    This error occurs because on line 276, the -l / --lockout argument is multiplied by the integer value 60. If the parameter is not defined by the user, the type of the 'lockout' variable is defined as NoneType, which by in turn, it cannot receive arithmetic operations with an integer value, causing the error.

    Suggestions:

    • [x] Create a condition that checks if the -l or --lockout argument was defined by the user at script execution, otherwise it sets a default value (1 maybe) or returns to the help menu and 'forces' the user to use the -l / --lockout argument.
    opened by FroydCod3r 3
  • Enhancement - check whether the IP address is being throttled

    Enhancement - check whether the IP address is being throttled

    The results may get throttled - in that case you'll be returned with false positives (i.e. it always returns "IfExistsResults":0). You can check throttle by looking whether "ThrottleStatus":1.

    If would be nice to return a warning in this case.

    enhancement good first issue 
    opened by tautology0 3
  • Domain Check - Unknown, Managed, Federated

    Domain Check - Unknown, Managed, Federated

    https://github.com/dievus/Oh365UserFinder/blob/main/oh365userfinder.py#L204 valid_response = re.search('"NameSpaceType":"Managed",', response)

    Microsoft outline that there are different namespace types besides Unknown and Managed. As far as I can tell, there is also, Federated which can be seen here for my local university. https://login.microsoftonline.com/[email protected]

    Potentially consider that the regex should check for the word Unknown and change the response to a negative if returned true.

    opened by ILightThings 2
  • invalid email cache & sleep on throttle

    invalid email cache & sleep on throttle

    1. Keep record of invalid emails and skip if an email has already been deemed invalid
    2. When throttling is enabled, sleep and then retry
    3. Appends domain if specified (for use with wordlists without email domain)
    opened by chrismeistre 1
  • Add a shebang so we can be lazy

    Add a shebang so we can be lazy

    The script doesn't have the traditional shebang of: #!/usr/bin/env python3

    So it can't be directly run from the shell. Any chance this could be added to help us lazy people?

    enhancement 
    opened by tautology0 1
Owner
Joe Helle
Also known as the Mayor
Joe Helle
edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W

stryngs 43 Dec 23, 2022
🍯 16 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres & MySQL)

Easy to setup customizable honeypots for monitoring network traffic, bots activities and username\password credentials. The current available honeypot

QeeqBox 259 Dec 31, 2022
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals.

A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.

Jon Zink 2 Aug 03, 2022
Grafana-POC(CVE-2021-43798)

Grafana-Poc 此工具请勿用于违法用途。 一、使用方法:python3 grafana_hole.py 在domain.txt中填入ip:port 二、漏洞影响范围 影响版本: Grafana 8.0.0 - 8.3.0 安全版本: Grafana 8.3.1, 8.2.7, 8.1.8,

8 Jan 03, 2023
Compilation of resources and insights that helped me on my journey to data scientist

Compilation of resources and insights that helped me on my journey to data scientist

Conor Dewey 1.5k Jan 02, 2023
Cobalt Strike < 4.4 dos CVE-2021-36798

CVE-2021-36798 CVE-2021-36798 Cobalt Strike 4.3 dos 用法 python3 CVE-2021-36798.py BeaconURL 打瘫Cobalt Strike 只需要一个包 已测试 4.3 4.2 参考: https://labs.sent

37 Nov 09, 2022
Scan Site - Tools For Scanning Any Site and Get Site Information

Site Scanner Tools For Scanning Any Site and Get Site Information Example Require - pip install colorama - pip install requests How To Use Download Th

NumeX 5 Mar 19, 2022
集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具,使用docker封装运行;

tools下有几个工具,所以项目文件比较大,如果下载总是中断的话建议拆开下载各个项目然后直接拷贝dockefile和recon.py即可 0x01 hscan介绍 hscan是什么 hscan是一款旨在使用一条命令替代渗透前的多条扫描命令,通过集成crawlergo扫描和xray扫描、dirsear

102 Jan 04, 2023
Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

1 Jan 24, 2022
Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.

RITA (Real Intelligence Threat Analytics) in Jupyter Notebook RITA is an open source framework for network traffic analysis sponsored by Active Counte

Mehmet E. 157 Nov 24, 2022
You can manage your password with this program.

You must have Python compilers in order to run this program. First of all, download the compiler in the link.

Mustafa Bahadır Doğrusöz 6 Aug 07, 2021
Detection And Breaking With Python

Detection And Breaking IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::::::::II::::::::I P:::::::

Baris Dincer 1 Dec 26, 2021
Discord-keylogger - Discord keylogger With Python

Discord-keylogger Usage python dlogger.py -t [Time interval in sec] if not speci

Satwik Sinha 1 Jan 30, 2022
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne

60 Dec 10, 2022
Log4j minecraft with python

log4jminecraft This code DOES NOT promote or encourage any illegal activities! The content in this document is provided solely for educational purpose

David Bombal 154 Dec 24, 2022
Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods

Time Discretization-Invariant Safe Action Repetition for Policy Gradient Methods This repository is the official implementation of Seohong Park, Jaeky

Seohong Park 6 Aug 02, 2022
A fast tool to scan prototype pollution vulnerability

proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :

Muhammed Mahdi 4 Aug 31, 2021
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

Statistical Random Number Generator Attack Against The Kirchhoff-law-johnson-noise (Kljn) Secure Key Exchange Protocol

zeze 1 Jan 13, 2022
Fast and easy way to rollout on multiple GitLab project file a particular content.

Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

Lujeni 4 Jan 17, 2022