Putting a leash on naughty AWS permissions
☆135Sep 5, 2025Updated 6 months ago
Alternatives and similar repositories for dAWShund
Users that are interested in dAWShund are comparing it to the libraries listed below
Sorting:
- AWS Trustline: Check external access on your AWS account☆129Feb 27, 2026Updated 3 weeks ago
- An OpenAI API Compatible Honeypot Gateway☆17Mar 17, 2025Updated last year
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆52May 16, 2025Updated 10 months ago
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆360Jan 8, 2026Updated 2 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆276Dec 27, 2024Updated last year
- ☆164May 5, 2025Updated 10 months ago
- Map visualization and firewall for AWS activity, inspired by Little Snitch for macOS.☆374Dec 6, 2025Updated 3 months ago
- ☆50Jun 4, 2025Updated 9 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆866Feb 3, 2024Updated 2 years ago
- ☆53Jun 28, 2025Updated 8 months ago
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆41May 7, 2023Updated 2 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated last month
- JamfHound is a python3 project designed to collect and identify attack paths in Jamf Pro tenants based on existing object permissions by …☆121Sep 2, 2025Updated 6 months ago
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆60Updated this week
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆140Jul 2, 2025Updated 8 months ago
- Cleo Unrestricted file upload and download PoC (CVE-2024-50623)☆25Dec 11, 2024Updated last year
- ☆133Dec 4, 2023Updated 2 years ago
- A Kubernetes Forensic Collection Framework for Azure Kubernetes Service☆41Feb 9, 2026Updated last month
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆314Feb 16, 2026Updated last month
- ☆19Dec 18, 2024Updated last year
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆103Jul 9, 2025Updated 8 months ago
- ☆49Apr 9, 2025Updated 11 months ago
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆396Sep 26, 2025Updated 5 months ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- ☆100Sep 1, 2024Updated last year
- Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP☆84May 17, 2025Updated 10 months ago
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆611Dec 9, 2025Updated 3 months ago
- ☆163Nov 19, 2025Updated 4 months ago
- adws enumeration bof☆169Feb 16, 2026Updated last month
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- Exploits Unauth Docker API☆43Apr 18, 2025Updated 11 months ago
- ☆234Jun 10, 2025Updated 9 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆681Aug 15, 2025Updated 7 months ago
- ☆625Feb 5, 2026Updated last month
- Addon for BHCE☆58Apr 1, 2025Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year