Detecting Active Directory Password Spraying with a Honeypot Account

Source provenance. Raw material catalogued for the wiki ingest pipeline. Lives offline at raw_sources/offensive-security/ingested/Detecting Active Directory Password-Spraying with a Honeypot Account.md.

Status: integrated

Excerpt

Password-spraying is a popular technique which involves guessing passwords to gain control of accounts. This automated password-guessing is performed against all users and typically avoids account lockout since the logon attempts with a specific password are performed against every user. This technique is popular with penetration testers, Red Teams…