JumpsecLabs / TokenSmith
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.
☆165Updated 2 weeks ago
Alternatives and similar repositories for TokenSmith:
Users that are interested in TokenSmith are comparing it to the libraries listed below
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆116Updated this week
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆154Updated 3 months ago
- ☆174Updated last month
- ☆170Updated last month
- Abusing Intune for Lateral Movement over C2☆302Updated 2 weeks ago
- PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.☆93Updated 4 months ago
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆151Updated this week
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆224Updated this week
- Table of AD and Azure assets and whether they belong to Tier Zero☆198Updated last month
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆263Updated last month
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆136Updated last month
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆239Updated this week
- Automatically run and populate a new instance of BH CE☆58Updated 2 months ago
- ☆171Updated last month
- PowerShell tools to help defenders hunt smarter, hunt harder.☆156Updated 2 weeks ago
- A pure PowerShell solution for Entra OAuth authentication, enabling easy retrieval of access and refresh tokens☆54Updated last week
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆150Updated 4 months ago
- A Azure Exploitation Toolkit for Red Team & Pentesters☆167Updated last year
- Enumerate Microsoft Entra ID (Azure AD) fast☆87Updated 5 months ago
- A BloodHound collector for Microsoft Configuration Manager☆261Updated this week
- ☆106Updated last year
- ☆70Updated last month
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆102Updated 8 months ago
- Assess the security of your Active Directory with few or all privileges.☆249Updated last week
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆154Updated 3 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 8 months ago
- Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.☆158Updated 3 months ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆245Updated last year
- Azure DevOps Services Attack Toolkit☆137Updated 5 months ago
- ☆72Updated last week