JumpsecLabs / TokenSmithLinks
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.
☆324Updated 9 months ago
Alternatives and similar repositories for TokenSmith
Users that are interested in TokenSmith are comparing it to the libraries listed below
Sorting:
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆276Updated last year
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆314Updated 2 weeks ago
- ☆262Updated 2 months ago
- An ADCS honeypot to catch attackers in your internal network.☆312Updated last year
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆299Updated 4 months ago
- Assess the security of your Active Directory with few or all privileges.☆334Updated 4 months ago
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆328Updated last week
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆255Updated last year
- ☆196Updated 4 months ago
- Abusing Azure services over C2☆361Updated 4 months ago
- LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment…☆322Updated last month
- Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates…☆65Updated this week
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆292Updated last month
- Automatically run and populate a new instance of BH CE☆103Updated 2 months ago
- Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…☆93Updated last month
- A BloodHound collector for Microsoft Configuration Manager☆348Updated 3 months ago
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆385Updated 5 months ago
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆471Updated this week
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆312Updated last week
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆263Updated 6 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆191Updated last year
- ☆179Updated 10 months ago
- Azure Post Exploitation Framework☆239Updated 3 weeks ago
- User Enumeration of Microsoft Teams users via API☆175Updated last year
- Some scripts to abuse kerberos using Powershell☆341Updated 2 years ago
- A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.☆613Updated this week
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆851Updated 5 months ago
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts☆164Updated 3 months ago
- Table of AD and Azure assets and whether they belong to Tier Zero☆241Updated 3 months ago
- A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.☆199Updated 11 months ago