Password Spraying OWA
Outlook Web Access (OWA) is the webmail interface of the on-premises Exchange mail server. It is possible to pull quite a bit of information about the organization even if we don't fully break into it.

Password Spraying with auxiliary module
You may need to change the module's action to the appropriate OWA version.
If the account is valid, the server responds faster than if the account is invalid. Metasploit has a built-in detection mechanism for this and saves the valid user accounts.

Metasploit won't stop if you continuously lock out accounts, although it will tell you when an account is locked out. Be sure to monitor it.
When there's a successful login, Metasploit will give you the internal domain and the naming convention, because we are using Active Directory credentials to log in.

use auxiliary/scanner/http/owa_login
set user_file users.txt
set password Winter24!
set action OWA_2016
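
On the defending side, the spray described above shows up as one source failing logins for many distinct accounts within a short period, sometimes with a success or lockout mixed in. The detection logic below is an added example, not part of the original page: it assumes authentication events have already been normalized to (timestamp, source IP, username, outcome) tuples, and the `detect_spray` function, the event format and the sample data are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not from a real server):
# (timestamp, source IP, username, outcome) with outcome in fail/success/locked.
EVENTS = [
    ("2024-01-15T09:00:01", "203.0.113.7", "alice", "fail"),
    ("2024-01-15T09:00:03", "203.0.113.7", "bob", "fail"),
    ("2024-01-15T09:00:05", "203.0.113.7", "carol", "success"),
    ("2024-01-15T09:00:07", "203.0.113.7", "dave", "fail"),
    ("2024-01-15T09:00:09", "203.0.113.7", "erin", "locked"),
    ("2024-01-15T09:00:11", "203.0.113.7", "frank", "fail"),
    ("2024-01-15T09:00:13", "203.0.113.7", "grace", "fail"),
    # One user mistyping a password repeatedly: many failures, one account.
    ("2024-01-15T09:01:00", "198.51.100.20", "heidi", "fail"),
    ("2024-01-15T09:01:10", "198.51.100.20", "heidi", "fail"),
    ("2024-01-15T09:01:20", "198.51.100.20", "heidi", "fail"),
    ("2024-01-15T09:01:30", "198.51.100.20", "heidi", "success"),
]


def detect_spray(events, window=timedelta(minutes=10), min_users=5):
    """Flag sources whose logins fail for >= min_users distinct accounts inside one window."""
    by_src = defaultdict(list)
    for ts, src, user, outcome in events:
        by_src[src].append((datetime.fromisoformat(ts), user.lower(), outcome))
    alerts = {}
    for src, rows in by_src.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans at most `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            targeted = {u for _, u, o in span if o != "success"}
            if len(targeted) >= min_users and len(targeted) > len(alerts.get(src, {}).get("targeted", ())):
                alerts[src] = {
                    "targeted": sorted(targeted),
                    # A success from a spraying source means that password was guessed.
                    "reset_password": sorted({u for _, u, o in span if o == "success"}),
                    "locked_out": sorted({u for _, u, o in span if o == "locked"}),
                }
    return alerts


if __name__ == "__main__":
    for src, alert in detect_spray(EVENTS).items():
        print(src, alert)
```

Tune `window` and `min_users` to your lockout policy and normal traffic; shared egress addresses (NAT, VPN) can legitimately produce failures for several accounts.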