Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.
☆40Mar 23, 2024Updated last year
Alternatives and similar repositories for bqm
Users that are interested in bqm are comparing it to the libraries listed below
Sorting:
- SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.☆26Aug 8, 2023Updated 2 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆35Dec 1, 2025Updated 3 months ago
- Claude MCP server to perform analysis on ROADrecon data☆48Mar 30, 2025Updated 11 months ago
- Federated Office365 user enumeration based on correlated response trend analysis☆49May 3, 2022Updated 3 years ago
- SCEP request tool for AD CS and Intune☆73Oct 24, 2025Updated 4 months ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated last year
- Azure Offensive Library☆17Oct 18, 2025Updated 4 months ago
- ☆26Apr 1, 2022Updated 3 years ago
- A dotnet executable to get an Entra token in an authenticated runtime☆16Oct 30, 2024Updated last year
- Assorted BloodHound Cypher queries/tricks I haven't seen in other cheat sheets☆12Jun 21, 2021Updated 4 years ago
- SSE to Stdio MCP Proxy Server☆19Feb 17, 2026Updated last week
- Collection of cyphers for bloodhound☆155Jun 26, 2024Updated last year
- Custom queries list for BloodHound☆31Jul 8, 2025Updated 7 months ago
- A small go tool to upload JSON files to the BloodHound community edition API☆29May 29, 2024Updated last year
- ☆159Feb 8, 2025Updated last year
- Simple script to extract useful informations from the combo BloodHound + Neo4j☆266Apr 4, 2025Updated 10 months ago
- Reverse SOCKS5 Proxy Written in Rust☆28Mar 9, 2021Updated 4 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated 2 years ago
- Impacket is a collection of Python classes for working with network protocols.☆302Jan 20, 2026Updated last month
- ☆39Mar 25, 2021Updated 4 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 2 years ago
- Virtualization Security Audit Tool - Security assess CIS compliance of a Virtualization environments☆15Nov 21, 2023Updated 2 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆100Oct 12, 2021Updated 4 years ago
- Attempt at Obfuscated version of SharpCollection☆243Nov 15, 2025Updated 3 months ago
- ☆18Feb 29, 2024Updated 2 years ago
- ☆18Sep 14, 2023Updated 2 years ago
- ☆19Apr 10, 2022Updated 3 years ago
- DLL proxying for lazy people☆200Dec 1, 2025Updated 3 months ago
- Shellcode loader designed for evasion. Coded in Rust.☆134Mar 5, 2023Updated 2 years ago
- ☆757Feb 3, 2026Updated 3 weeks ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆412Mar 21, 2025Updated 11 months ago
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆97Apr 13, 2023Updated 2 years ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆236Aug 25, 2024Updated last year
- Create local administrators with the SAMR API (lowest-level technique). Implemented in C#, Crystal, Python and Rust☆56Jan 27, 2026Updated last month