Friends-Security / ShadowHound
PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirectory module (ADWS) or System.DirectoryServices class (LDAP).
☆308Updated 2 months ago
Alternatives and similar repositories for ShadowHound:
Users that are interested in ShadowHound are comparing it to the libraries listed below
- A BloodHound collector for Microsoft Configuration Manager☆301Updated last month
- Some scripts to abuse kerberos using Powershell☆327Updated last year
- Automated Active Directory Enumeration☆433Updated 3 weeks ago
- Assess the security of your Active Directory with few or all privileges.☆261Updated last week
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆270Updated 3 months ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆273Updated 3 months ago
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆193Updated last month
- Abusing Intune for Lateral Movement over C2☆324Updated last week
- winPEAS, but for Active Directory☆145Updated 2 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆225Updated last month
- ☆173Updated 2 months ago
- ☆309Updated 3 months ago
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆177Updated 6 months ago
- Find potential DLL Sideloads on your windows computer☆175Updated last month
- Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab☆145Updated last year
- Make everyone in your VLAN ASRep roastable☆177Updated last week
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆186Updated 4 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆194Updated 2 months ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆250Updated 6 months ago
- Custom Queries - Brought Up to BH4.1 syntax☆242Updated 3 months ago
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆344Updated 8 months ago
- Lord Of Active Directory - automatic vulnerable active directory on AWS☆140Updated last year
- ☆187Updated 4 months ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆346Updated last week
- Ask a TGS on behalf of another user without password☆467Updated 6 months ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆486Updated 2 years ago
- KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).☆217Updated 6 months ago
- Lab used for workshop and CTF☆172Updated 2 weeks ago
- Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…☆113Updated last year
- ☆293Updated 2 months ago