Not a lot of people may know this, but even someone with only “Domain User” credentials can read a whole lot of information about Microsoft Active Directory from their personal machine without any sort...
Pentester, 20 year technology professional, lifelong geek and lover of all things tech.
Did Microsoft update something with Office 365 this weekend that broke user enumeration? Trying UhOh365 by @raikiasec and it's returning no users as valid. Also tried O365Creeper and it's returning values all over the place. Office365userenum for PW sprays returns [1/2]