JumpsecLabs / TokenSmithLinks
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.
☆313Updated 7 months ago
Alternatives and similar repositories for TokenSmith
Users that are interested in TokenSmith are comparing it to the libraries listed below
Sorting:
- ☆231Updated last week
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆311Updated 3 weeks ago
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆236Updated 11 months ago
- An ADCS honeypot to catch attackers in your internal network.☆309Updated last year
- A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.☆482Updated last week
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆261Updated 2 months ago
- Abusing Azure services over C2☆351Updated 2 months ago
- ☆179Updated 8 months ago
- Assess the security of your Active Directory with few or all privileges.☆325Updated 2 months ago
- LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment…☆273Updated last month
- ☆185Updated 2 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆184Updated 11 months ago
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆376Updated 3 months ago
- Automatically run and populate a new instance of BH CE☆98Updated 3 weeks ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆465Updated last month
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆115Updated last week
- A BloodHound collector for Microsoft Configuration Manager☆345Updated last month
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆254Updated last year
- Azure Post Exploitation Framework☆204Updated 5 months ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆307Updated 3 weeks ago
- User Enumeration of Microsoft Teams users via API☆163Updated last year
- Some scripts to abuse kerberos using Powershell☆342Updated 2 years ago
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆260Updated 4 months ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆309Updated last year
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆208Updated 4 months ago
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆153Updated 6 months ago
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆796Updated 3 months ago
- Table of AD and Azure assets and whether they belong to Tier Zero☆235Updated last month
- Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.☆167Updated last month
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆150Updated 8 months ago