Search

Home

PNPT Studies

PJPT Studies

AD CS / Certificate Attacks (ESC1-15) (1, 8, 11 for now)

Report Writing / Client Presentation

Operationalizing Cybercrime Data (June 2025)

Bypassing MFA/2FA

  1. Embed GitHubEmbed GitHub
    1. Uses mailsniper once it finds something
  2. Embed GitHubEmbed GitHub

MFASweep steps:

sudo pwsh
pwsh -ep bypass
. .\MFASweep.ps1
Invoke-MFASweep -Username targetuser@targetdomain.com -Password Winter2020 -Recon -IncludeADFS -WriteTokens

Once you bypass, you can check emails for credentials or whatever else you can find!!