Microsoft Office 365 Enumeration

Site Enumeration:

Figure 1: MX Record
Figure 2: Invalid O365 Site Record
Figure 3: Valid O365 Site Record

User List:

Figure 4: Burp Suite Extension
Figure 5: Burp Suite Proxy Intercept

Account Validation:

Figure 6: Invalid User Account
Figure 7: Valid User Account
Figure 8: Invalid User Account (first initial last name)[IfExist:1]
Figure 9: Valid User Account (first.last)[IfExist:0]
Figure 10: Automated User List

Account Enumeration:

Figure 11: Burp Suite Intruder (Payloads)
Figure 12: Burp Suite Intruder (Options)
Figure 13: False-Positive — TrottleStatus
Figure 14: msspray.py Enumeration

Next Steps:

References:

Disclaimer:

--

--

--

Cyber Security Enthusiast

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Startups: The Most Important Audience in Cyber

{UPDATE} BeatEVO YG - AllStars Game Hack Free Resources Generator

What is Single Sign On (SSO) and How It Works?

Coinbase Transparency Report — — Q1-Q3, 2021

Securing the worlds APIs: why we’re partnering with 42Crunch

6 information and cyber security nightmares—and how to prevent them

Jupiter Early Adaptor

SpiderDAO Marketplace

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Mike Bond

Mike Bond

Cyber Security Enthusiast

More from Medium

Hacking the University in a Few Steps

Packets and Frames

Kioptrix: Level 1 [Vulnhub] Walkthrough

SQL injection & Wordpress Explotiation: Welok, Try Hack Me