Surprisingly I wasn't able to find techniques in this forum to detect brute force logins and password spraying. That being said, I just finished a significant rewrite of the PowerShell module WebsiteFailedLogins. It uses Logparser to parse the IIS logs and identify failed login attempts. Lots of documentation is available on the wiki and the module is published to PowerShell Gallery.
↧