A fork of SprayAD BOF. Perform LDAP-based or Kerberos-based password spray using Windows API LogonUserSSPI. Skip disabled accounts, locked accounts and large BadPwdCount (if specified).
Kerberos-based password spray
SprayAD --userlist /tmp/userlist.txt --password P@ssw0rd
Skip users that the number of times the user tried to log on with incorrect password larger than 2
SprayAD --userlist /tmp/userlist.txt --password P@ssw0rd --MaxBadPwdCount 2
LDAP-based password spray
SprayAD --userlist /tmp/userlist.txt --password P@ssw0rd --MaxBadPwdCount 2 --authservice ldap
cd SOURCE
make