Clearly this is for penetration testing, not for evil! So if you have to pentest Office 365 you might want to be attacking the authentication services. This will be aligned to the tenant you are testing, as always make sure you have authorisation. Deploy to your favourite LINUX instance or WSL etc. This should just … Continue reading Password Spraying Office 365