CrowdStrike / OWASSRF

Related projects ⓘ

Alternatives and complementary repositories for OWASSRF

• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆93Updated 11 months ago
• amjcyber / EDRNoiseMaker
  Detect WFP filters blocking EDR communications
  ☆78Updated 10 months ago
• Cyb3r-Monk / ACCD
  Active C&C Detector
  ☆149Updated last year
• QueenSquishy / plague
  Default Detections for EDR
  ☆94Updated 8 months ago
• zeronetworks / ldapfw
  Protect your Domain Controllers by auditing and restricting LDAP requests
  ☆100Updated this week
• MazX0p / ThreatHound
  ☆155Updated 11 months ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆132Updated 3 months ago
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆129Updated 2 months ago
• JPG0mez / ADCSync
  Use ESC1 to perform a makeshift DCSync and dump hashes
  ☆198Updated last year
• nettitude / MalSCCM
  ☆241Updated last year
• mertdas / SharpLateral
  Lateral Movement
  ☆118Updated 11 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆58Updated last year
• 0xBallpoint / LOAD
  Lord Of Active Directory - automatic vulnerable active directory on AWS
  ☆130Updated last year
• LuemmelSec / Custom-BloodHound-Queries
  ☆171Updated 9 months ago
• lkarlslund / hashmuncher
  Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later
  ☆89Updated last year
• werdhaihai / AtlasReaper
  A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
  ☆245Updated last year
• 1njected / CMLoot
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares
  ☆156Updated last year
• ACE-Responder / RogueSliver
  A suite of tools to disrupt campaigns using the Sliver C2 framework.
  ☆247Updated last year
• TH3xACE / EDR-Test
  Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].
  ☆146Updated last year
• daem0nc0re / Abusing_Weak_ACL_on_Certificate_Templates
  Investigation about ACL abusing for Active Directory Certificate Services (AD CS)
  ☆119Updated 3 years ago
• synacktiv / GPOddity
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆262Updated this week
• zblurx / acltoolkit
  ACL abuse swiss-knife
  ☆117Updated last year
• cbecks2 / edr-artifacts
  This repository is meant to catalog network and host artifacts associated with various EDR products "shell" and response functionalities.
  ☆71Updated 2 months ago
• Semperis / GoldenGMSA
  GolenGMSA tool for working with GMSA passwords
  ☆135Updated 6 months ago
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆126Updated last week
• 0xe7 / WonkaVision
  ☆80Updated last year
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆166Updated last year
• Mayyhem / Maestro
  Abusing Intune for Lateral Movement over C2
  ☆266Updated last week
• bitsadmin / chophound
  Some scripts to support with importing large datasets into BloodHound
  ☆76Updated 11 months ago
• Immersive-Labs-Sec / SliverC2-Forensics
  A collection of tools and detections for the Sliver C2 Frameworj
  ☆109Updated last year