Skip to content
/ password-spraying Public

A threat actor may guess the target credentials using a single password with a large set of usernames against the target

License

AGPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

qeeqbox/password-spraying

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
password-spraying.drawio
password-spraying.drawio
 
 
password-spraying.png
password-spraying.png
 
 

Repository files navigation

A threat actor may guess the target credentials using a single password with a large set of usernames against the target

Example #1

  1. Threat actor finds a commonly used passwords
  2. Threat actor utilizes the passwords with a list of usernames

Impact

Vary

Risk

  • Gain unauthorized access

Redemption

  • Increase the password length
  • Increase password complexity
  • Limit login attempts
  • Implement captcha
  • Multi-factor authentication

ID

8456e95b-dae6-44ff-bb2b-75a37e16c0c7

References

About

A threat actor may guess the target credentials using a single password with a large set of usernames against the target

Topics

visualization metadata example password vulnerability spraying qeeqbox infosecsimplified

Resources

Readme

License

AGPL-3.0 license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Sponsor this project

 
Learn more about GitHub Sponsors