Friends-Security / ShadowHound
PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirectory module (ADWS) or System.DirectoryServices class (LDAP).
☆342Updated 4 months ago
Alternatives and similar repositories for ShadowHound:
Users that are interested in ShadowHound are comparing it to the libraries listed below
- A BloodHound collector for Microsoft Configuration Manager☆312Updated 3 months ago
- Some scripts to abuse kerberos using Powershell☆328Updated last year
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆214Updated 2 weeks ago
- Active Directory Auditing and Enumeration☆446Updated last week
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts.☆139Updated this week
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆297Updated 5 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆185Updated last month
- Abusing Intune for Lateral Movement over C2☆331Updated 2 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆335Updated last week
- Assess the security of your Active Directory with few or all privileges.☆311Updated last month
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆579Updated 9 months ago
- Find potential DLL Sideloads on your windows computer☆199Updated 3 months ago
- A tool to query for the existence of pre-windows 2000 computer objects.☆319Updated last month
- ☆174Updated 4 months ago
- ☆311Updated 2 weeks ago
- Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀☆181Updated last month
- Tool to remotely dump secrets from the Windows registry☆457Updated last month
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆364Updated 10 months ago
- Lab used for workshop and CTF☆178Updated 2 months ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆415Updated 3 weeks ago
- Automatically run and populate a new instance of BH CE☆72Updated 2 weeks ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆276Updated 8 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆257Updated 5 months ago
- Azure Post Exploitation Framework☆195Updated last month
- ☆160Updated last week
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆205Updated 3 months ago
- Make everyone in your VLAN ASRep roastable☆187Updated last month
- KnowsMore is a swiss army knife tool for pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS and DCSync).☆221Updated this week
- Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…☆126Updated last year
- winPEAS, but for Active Directory☆149Updated 2 weeks ago