AlexLinov/EntraMFACheck external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

AlexLinov/EntraMFACheck

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/AlexLinov/EntraMFACheck)

Close

AlexLinov / EntraMFACheckView on GitHubMore

• External links
• Readme badge

Identify Azure AD resources that issue tokens without MFA enforcement using the ROPC grant flow.

☆83Feb 2, 2026Updated last month

Alternatives and similar repositories for EntraMFACheck

Users that are interested in EntraMFACheck are comparing it to the libraries listed below

• nickvourd / SugarFree

  View on GitHub
  Less sugar (entropy) for your binaries
  ☆33Sep 10, 2025Updated 5 months ago
• waffl3ss / bloodpath

  View on GitHub
  Agressor script for Cobalt Strike to mark users as owned in bloodhound from the Cobalt Strike credentials tab.
  ☆12Dec 21, 2019Updated 6 years ago
• kozmer / dcsync-bof

  View on GitHub
  dcsync bof
  ☆44Feb 13, 2026Updated 2 weeks ago
• b1-team / dll-hijack

  View on GitHub
  Dll hijack -- just one macro
  ☆12Jul 3, 2023Updated 2 years ago
• t1Sh1n4 / Invoke-SPSI

  View on GitHub
  Invoke-SPSI - Simple PowerShell Shellcode Injector
  ☆37Oct 9, 2025Updated 4 months ago
• inzlain / sameuser

  View on GitHub
  Helper script for BloodHound to automatically add relationships between multiple accounts owned by the same individual
  ☆14Jul 13, 2022Updated 3 years ago
• buldansec / EnableEFS

  View on GitHub
  Enable EFS service as low priv user (PE & BOF)
  ☆21Jul 6, 2025Updated 7 months ago
• curi0usJack / Ludus-MDE-MDI-Roles

  View on GitHub
  Ludus roles to deploy ASR rules and MDI auditing settings
  ☆16Aug 5, 2025Updated 6 months ago
• ZERODETECTION / Havoc_Demon_API_Hashing

  View on GitHub
  Rehashing APIs to prevent hash based detection
  ☆14Jan 7, 2025Updated last year
• outflanknl / regcertipy

  View on GitHub
  Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does
  ☆95Jul 3, 2025Updated 7 months ago
• xyplex3 / RedTeamCoin

  View on GitHub
  Red Team Coin for crypto-mining operations.
  ☆23Jan 12, 2026Updated last month
• Antonlovesdnb / TTPRunner

  View on GitHub
  Run TTPs, with AI!
  ☆71Feb 23, 2026Updated last week
• cno-io / dockerBuilds

  View on GitHub
  ☆12Oct 15, 2024Updated last year
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated 11 months ago
• c0rdyc3ps / ScrappyDoo

  View on GitHub
  Opengraph-Compatible JSON Generator for BloodHound
  ☆27Jan 12, 2026Updated last month
• BloodHoundAD / TierZeroTable

  View on GitHub
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆26Sep 12, 2023Updated 2 years ago
• EvilBytecode / PS2BAT

  View on GitHub
  A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.
  ☆11Apr 21, 2025Updated 10 months ago
• TierZeroSecurity / killerPID-BOF

  View on GitHub
  BOF to terminate a process via PID as argument
  ☆28Sep 7, 2025Updated 5 months ago
• kurtjarvis / PowershellActiveDirectoryAbuse

  View on GitHub
  Pentester Academy notes and commands from the CRTP/CRTE/PACES courses
  ☆15Apr 29, 2022Updated 3 years ago
• ricardojoserf / AutoPtT

  View on GitHub
  Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…
  ☆116Feb 17, 2026Updated last week
• fastlorenzo / redelk-kibana-app

  View on GitHub
  Kibana app for RedELK
  ☆18Mar 19, 2023Updated 2 years ago
• typeconfused / windows-ps-callbacks-experiments

  View on GitHub
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆12Jan 1, 2023Updated 3 years ago
• tehstoni / RustyDumper

  View on GitHub
  Process dumper wrote in rust.
  ☆14Sep 16, 2024Updated last year
• slemire / bof-adopt

  View on GitHub
  BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆17Jul 22, 2022Updated 3 years ago
• lsecqt / SessionView

  View on GitHub
  A portable C# utility for enumerating local and remote windows sessions
  ☆56Jan 1, 2026Updated 2 months ago
• BlWasp / WDSFinder

  View on GitHub
  A simple tool to identify WDS servers in Active Directory
  ☆32Aug 25, 2025Updated 6 months ago
• lair-framework / browser-scripts

  View on GitHub
  Collection of small JavaScript functions and scripts that can be used in the browser to interact with Lair
  ☆22Mar 20, 2019Updated 6 years ago
• b1-team / phantom

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆17Aug 14, 2023Updated 2 years ago
• cod3nym / Ghosting-AMSI

  View on GitHub
  Ghosting-AMSI
  ☆18Apr 30, 2025Updated 10 months ago
• nullenc0de / trust-validator

  View on GitHub
  Validates priv escalation of AD trusts
  ☆48Apr 1, 2025Updated 11 months ago
• malcomvetter / WhoDis

  View on GitHub
  An example pattern in C# for watching security events (logon/logoff/privilege)
  ☆17Aug 13, 2018Updated 7 years ago
• N4kedTurtle / SharpTeamsDump

  View on GitHub
  Dump Teams conversations
  ☆18Jun 9, 2021Updated 4 years ago
• C0axx / Modified-Thycotic-Secret-Stealer

  View on GitHub
  Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption
  ☆19Aug 5, 2022Updated 3 years ago
• melotic / nanostorm

  View on GitHub
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆21Dec 15, 2024Updated last year
• fastlorenzo / redelk-ansible

  View on GitHub
  Ansible roles to deploy RedELK
  ☆23Feb 15, 2023Updated 3 years ago
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆215Oct 19, 2024Updated last year
• preludeorg / ThreatIntelligenceConsumer

  View on GitHub
  Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…
  ☆64Jan 19, 2026Updated last month
• affix / rusty-hollow

  View on GitHub
  Unix Process hollowing in rust
  ☆22Dec 16, 2024Updated last year
• 0xAnalyst / Project-Lost

  View on GitHub
  Living Off Security Tools
  ☆58Nov 23, 2025Updated 3 months ago