TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.
☆388Jan 23, 2025Updated last year
Alternatives and similar repositories for TokenSmith
Users that are interested in TokenSmith are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Abusing Azure services over C2☆368Jan 20, 2026Updated 2 months ago
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆169Nov 17, 2025Updated 4 months ago
- Azure Post Exploitation Framework�☆246Oct 27, 2025Updated 5 months ago
- A BloodHound collector for Microsoft Configuration Manager☆396Jul 7, 2025Updated 9 months ago
- ☆138Nov 17, 2025Updated 4 months ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆289Aug 14, 2025Updated 7 months ago
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆406Feb 9, 2026Updated 2 months ago
- ☆234Oct 8, 2024Updated last year
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,241Dec 31, 2025Updated 3 months ago
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆324Oct 12, 2025Updated 5 months ago
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆1,270Mar 27, 2026Updated 2 weeks ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆243Aug 25, 2024Updated last year
- ☆160Jan 27, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆122Jun 17, 2025Updated 9 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆383Dec 13, 2024Updated last year
- Find potential DLL Sideloads on your windows computer☆221Jan 12, 2025Updated last year
- Azure JWT Token Manipulation Toolset☆723Dec 6, 2024Updated last year
- TokenCert☆102Nov 15, 2024Updated last year
- ☆52Mar 30, 2026Updated last week
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆426Sep 29, 2025Updated 6 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆639May 8, 2025Updated 11 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆266Nov 22, 2025Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆348Nov 19, 2024Updated last year
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆217Oct 19, 2024Updated last year
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆300Mar 28, 2026Updated last week
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆345Feb 23, 2024Updated 2 years ago
- ☆628Feb 5, 2026Updated 2 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 9 months ago
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,571Feb 5, 2026Updated 2 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆262Feb 21, 2025Updated last year
- A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable w…☆155Mar 20, 2026Updated 3 weeks ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆906Updated this week
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆542May 9, 2025Updated 11 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,844Nov 3, 2024Updated last year
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆364Dec 13, 2025Updated 3 months ago
- Remote operations commands implemented using Beacon Object Files☆1,146Mar 5, 2026Updated last month