An LDAP based Active Directory user and group enumeration tool
☆309Feb 11, 2026Updated last month
Alternatives and similar repositories for ad-ldap-enum
Users that are interested in ad-ldap-enum are comparing it to the libraries listed below
Sorting:
- Active Directory information dumper via LDAP☆1,385Apr 6, 2025Updated 11 months ago
- Python script to enumerate users, groups and computers from a Windows domain through LDAP queries☆953Apr 20, 2022Updated 3 years ago
- Domain user enumeration tool☆216Nov 2, 2023Updated 2 years ago
- A Powershell implementation of PrivExchange designed to run under the current user's context☆125Jan 31, 2019Updated 7 years ago
- A script for advanced discovery of Privileged Accounts - includes Shadow Admins☆826Sep 9, 2019Updated 6 years ago
- PowerShell Pass The Hash Utils☆1,732Dec 9, 2018Updated 7 years ago
- Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.☆399May 20, 2020Updated 5 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆634Jun 20, 2017Updated 8 years ago
- A Python based ingestor for BloodHound☆2,359Oct 24, 2025Updated 4 months ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- LyncSniper: A tool for penetration testing Skype for Business and Lync deployments☆307Jul 3, 2020Updated 5 years ago
- ☆182Feb 21, 2022Updated 4 years ago
- .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers☆2,924Nov 19, 2025Updated 4 months ago
- HTA encryption tool for RedTeams☆1,421Nov 9, 2022Updated 3 years ago
- Active Directory Integrated DNS dumping by any authenticated user☆1,146Apr 4, 2025Updated 11 months ago
- Domain Password Audit Tool for Pentesters☆1,027Dec 24, 2025Updated 2 months ago
- Active Directory ACL exploitation with BloodHound☆756Nov 18, 2021Updated 4 years ago
- Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software…☆200Nov 19, 2017Updated 8 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆110Sep 26, 2017Updated 8 years ago
- PowerShell script to find 'vulnerable' security-related GPOs that should be hardended☆198Jun 1, 2018Updated 7 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.☆121Aug 18, 2020Updated 5 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,218Aug 7, 2025Updated 7 months ago
- linikatz is a tool to attack AD on UNIX☆594Oct 19, 2023Updated 2 years ago
- The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool…☆1,125Feb 10, 2021Updated 5 years ago
- Exchange privilege escalations to Active Directory☆810Apr 23, 2023Updated 2 years ago
- MSDAT: Microsoft SQL Database Attacking Tool☆989Aug 1, 2023Updated 2 years ago
- ☆1,490Dec 31, 2022Updated 3 years ago
- Collection of PowerShell scripts☆450Dec 18, 2017Updated 8 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- PowerShell Scripts I find useful☆776May 18, 2016Updated 9 years ago
- Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Dir…☆1,622Jan 23, 2024Updated 2 years ago
- automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.☆72Dec 18, 2019Updated 6 years ago
- SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, Supe…☆1,314Nov 22, 2022Updated 3 years ago
- Credentials gathering tool automating remote procdump and parse of lsass process.☆782Jun 20, 2020Updated 5 years ago
- Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.☆177Sep 18, 2018Updated 7 years ago
- Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS☆1,649Oct 11, 2018Updated 7 years ago
- A tool to elevate privilege with Windows Tokens☆1,063Oct 6, 2023Updated 2 years ago
- SMBMap is a handy SMB enumeration tool☆2,026Jan 6, 2026Updated 2 months ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆854Mar 23, 2018Updated 7 years ago