Stars
🧙♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
A tool to perform Kerberos pre-auth bruteforcing
PassFiltEx. An Active Directory Password Filter.
PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.
Secure and fast microVMs for serverless computing.
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
Check for valid credentials across a network over SMB
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Enumerate and check domains for Azure tenants
StandIn is a small .NET35/45 AD post-exploitation toolkit
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…
Generate a boatload of Fake Apache Log files very quickly
Powershell tool to automate Active Directory enumeration.
Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?
A PowerShell script that automates the security assessment of Microsoft Active Directory environments.
A curated list of awesome resources related to executable packing