Friends-Security / ShadowHound
PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirectory module (ADWS) or System.DirectoryServices class (LDAP).
☆332Updated 3 months ago
Alternatives and similar repositories for ShadowHound:
Users that are interested in ShadowHound are comparing it to the libraries listed below
- A BloodHound collector for Microsoft Configuration Manager☆308Updated 2 months ago
- Some scripts to abuse kerberos using Powershell☆328Updated last year
- Automated Active Directory Enumeration☆435Updated this week
- Abusing Intune for Lateral Movement over C2☆327Updated last month
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆287Updated 4 months ago
- ☆174Updated 3 months ago
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆207Updated 2 months ago
- Assess the security of your Active Directory with few or all privileges.☆301Updated last week
- KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).☆220Updated 7 months ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆405Updated this week
- ☆312Updated 2 weeks ago
- Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab☆148Updated 2 years ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆168Updated 6 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆566Updated 8 months ago
- LDAP enumeration tool implemented in Python3☆226Updated 5 months ago
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆355Updated 9 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆730Updated 2 weeks ago
- Find potential DLL Sideloads on your windows computer☆176Updated 2 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆276Updated 4 months ago
- Ask a TGS on behalf of another user without password☆467Updated 7 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆228Updated 2 months ago
- Retrieve and display information about active user sessions on remote computers. No admin privileges required.☆180Updated 7 months ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆269Updated 7 months ago
- ☆141Updated 4 months ago
- Timeroasting scripts by Tom Tervoort☆275Updated last year
- Lab used for workshop and CTF☆174Updated last month
- Make everyone in your VLAN ASRep roastable☆184Updated 3 weeks ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆255Updated 4 months ago