WinRM_Brute is a script which will allow you to brute force crednetials using the WinRM/WSMan service. Because it can pass authentication, it can be used to validate credentials.
Download here: https://github.com/securethelogs/WinRM_Brute
WinRM_Brute, will ask you for the following:
- The target of the computer.
- To select either a single user or to pull from a current user list.
- To provide the path to a wordlist full of passwords.
Once it has these values, it will attempt to authenticate and if successful will display the credentials at the end.
There is a new option that will attempt to pull usernames from AD using the following code: