SOLVED

Password Spray Attack

Occasional Contributor

Is "Password Spray Attack" and "Brute Force Password" deprecated? I can find it in the old portal, but it just redirects to "Attack simlulation training" is the new portal and I can't find the option here.

 

khelbo_0-1628860452680.png

 

1 Reply
best response confirmed by khelbo (Occasional Contributor)
Solution
Those 2 tools are currently depreciated from new version of Attack Simulation Training (the method they used against EWS it terms of using basic auth has been secured by default in the service, so they have little value in their current form) . They will be coming back into the product in some shape or form later when we extend simulation capabilities to Cloud and Endpoint. We don’t have an exact date yet as design is just starting but will not be this FY.

In the meantime we recommend most customers who do want continue using those use something like MailSniper which you can find on Github. As it performs the exact same techniques and was used as the inspiration for the attacks in V1
www.000webhost.com