Last updated: October 7, 2020 | 590 views
The Trident project is an automated password spraying tool developed to be deployed across multiple cloud providers and provides advanced options around scheduling and IP pooling.
trident was designed and built to fulfill several requirements and to provide:
- the ability to be deployed on several cloud platforms/execution providers
- the ability to schedule spraying campaigns in accordance with a target’s account lockout policy
- the ability to increase the IP pool that authentication attempts originate from for operational security purposes
- the ability to quickly extend functionality to include newly-encountered authentication platforms
Using trident Password Spraying Tool
Usage: trident-cli campaign [flags] Flags: -a, --auth-provider string this is the authentication platform you are attacking (default "okta") -h, --help help for campaign -i, --interval duration requests will happen with this interval between them (default 1s) -b, --notbefore string requests will not start before this time (default "2020-09-09T22:31:38.643959-05:00") -p, --passfile string file of passwords (newline separated) -u, --userfile string file of usernames (newline separated) -w, --window duration a duration that this campaign will be active (ex: 4w) (default 672h0m0s) |
Example output:
$ trident-client results +----+-------------------+------------+-------+ | ID | USERNAME | PASSWORD | VALID | +----+-------------------+------------+-------+ | 1 | alice@example.org | Password1! | true | | 2 | bob@example.org | Password2! | true | | 3 | eve@example.org | Password3! | true | +----+-------------------+------------+-------+ |
You can download trident here:
Or read more here.
