0xZDH / msspray

Related projects ⓘ

Alternatives and complementary repositories for msspray

• optionalCTF / SSOh-No
  User enumeration and password spraying tool for testing Azure AD
  ☆68Updated 2 years ago
• lutzenfried / Delegate
  Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data
  ☆43Updated last year
• snovvcrash / peas
  Modified version of PEAS client for offensive operations
  ☆38Updated last year
• HernanRodriguez1 / Bypass-AMSI
  ☆46Updated 2 years ago
• blurbdust / ldd2bh
  Convert ldapdomaindump to Bloodhound
  ☆77Updated 11 months ago
• snovvcrash / OffensivePipeline
  OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
  ☆90Updated 2 years ago
• AlteredSecurity / RBCD
  Script written in python to perform Resource-Based Constrained Delegation (RBCD) attack by leveraging Impacket toolkit.
  ☆20Updated 3 years ago
• Sprocket-Security / cvetrends
  cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com
  ☆38Updated 2 years ago
• ZarvisD / Azure-AD
  Azure pentesting reference for Altered Security Lab
  ☆24Updated 2 years ago
• Sh11td0wn / winrm_kerb_shell
  Ruby script that calls an almost interactive shell via WinRM (TCP/5985) on an Windows machine, relaying on a valid Kerberos ticket. (Very…
  ☆16Updated 5 years ago
• 0xZDH / burp-password-spray
  This extension allows a user to specify a lockout policy in order to automate a password spray attack via Intruder.
  ☆23Updated 4 years ago
• knavesec / o365fedenum
  Federated Office365 user enumeration based on correlated response trend analysis
  ☆47Updated 2 years ago
• LuemmelSec / CVE-2023-29357
  ☆51Updated last year
• optiv / airCross
  airCross is a tool that takes advantage of API functionality within VMWare's AirWatch MDM solution to perform single-factor authenticatio…
  ☆40Updated 2 years ago
• ST1LLY / dc-sonar
  Analyzing AD domains for security risks related to user accounts
  ☆63Updated 2 years ago
• cyberbutler / RedDrop
  RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.
  ☆57Updated 2 years ago
• expl0itabl3 / Redsheet
  Red Teaming & Active Directory Cheat Sheet.
  ☆39Updated last year
• Karmaz95 / crimson_lisp
  Linux Post-Exploitation tools wrapper
  ☆20Updated last year
• d3lb3 / KeePass-the-Hash
  A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…
  ☆31Updated 2 years ago
• praetorian-inc / NTLMRecon
  A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.
  ☆79Updated 11 months ago
• aas-n / aclpwn.py
  Active Directory ACL exploitation with BloodHound
  ☆12Updated 3 years ago
• hyd3sec / MultiThreaded_C2_With_Keylogger
  Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil
  ☆20Updated 2 years ago
• k3nundrum / redteamtips
  ☆15Updated last year
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated 11 months ago
• KINGSABRI / goCabrito
  Super organized and flexible script for sending phishing campaigns
  ☆54Updated 2 years ago
• cheshireca7 / smbAutoRelay
  SMB Auto Relay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environme…
  ☆47Updated 3 years ago
• edermi / gophish_mods
  Open-Source Phishing Toolkit
  ☆17Updated 3 years ago
• duckbillsecurity / pdf-smuggler
  Create PDFs with HTML smuggling attachments that save on opening the document.
  ☆27Updated last year
• OOAFA / squeegee
  A collection of tools using OCR to extract potential usernames from RDP screenshots.
  ☆28Updated 7 months ago