A DOM-based G-Suite password sprayer and user enumerator

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.


First, clone the repository

git clone

Once inside it, run poetry to install the dependencies

poetry install

Alternatively, you can install them with pip

pip install -r requirements.txt


Use -h to show the help menu

poetry run ./ -h

usage: [-h] [-t TARGET] [-d {chrome,firefox}] (-u USERNAME | -U FILE) [-o OUTPUT] [-r N] [-x PROXY] [--sleep SLEEP] [--wait WAIT] [--jitter JITTER] [--slack SLACK]
                   [-H] [-s] [--rua] [-v]
                   {enum,spray} ...

G-Suite Password Sprayer.

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        Target URL (default:
  -d {chrome,firefox}, --driver {chrome,firefox}
                        Webdriver to be used (default: chrome)
  -u USERNAME, --username USERNAME
                        Single username
  -U FILE, --usernames FILE
                        File containing usernames
  -o OUTPUT, --output OUTPUT
                        Output file (default depends on subcommand)
  -r N, --reset-after N
                        Reset browser after N attempts (default: 1)
  -x PROXY, --proxy PROXY
                        Proxy to pass traffic through: <scheme://ip:port>
  --sleep SLEEP         Sleep time (in seconds) between each iteration (default: 0)
  --wait WAIT           Time to wait (in seconds) when looking for DOM elements (default: 3)
  --jitter JITTER       Max jitter (in seconds) to be added to wait time (default: 0)
  --slack SLACK         Slack webhook for sending notifications (default: None)
  -H, --headless        Run in headless mode
  -s, --shuffle         Shuffle user list
  --rua                 Use random user-agent
  -v, --verbose         Verbose output

  valid subcommands

  {enum,spray}          additional help
    enum                Perform user enumeration
    spray               Perform password spraying

There is also help menu for each subcommand:

poetry run ./ <subcommand> -h


Enumerate valid accounts from a company using G-Suite, in headless mode

poetry run ./ -r 50 -U emails.txt --headless enum

Perform password spraying using a proxy and waiting 30 minutes between each password iteration

poetry run ./ -r 1 -U emails.txt -P passwords.txt --proxy spray --lockout 30


If you are using a proxy with a protocol other than HTTP, you should specify the schema like socks5://


This project is licensed under the MIT License - see the LICENSE file for details



This tool is intended for educational purpose or for use in environments where you have been given explicit/legal authorization to do so.