Researched and written by Rindert Kramer Introduction At Fox-IT, we often do internal penetration tests for our customers. One of the attacks that we perform is password spraying. In a password spraying attack the attacker tries to authenticate as one of the user accounts that is found in Active Directory using a common password. These … Continue reading Further abusing the badPwdCount attribute →