JumpsecLabs / TokenSmithLinks
TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of the box with many popular Azure post exploitation tools.
☆374Updated last year
Alternatives and similar repositories for TokenSmith
Users that are interested in TokenSmith are comparing it to the libraries listed below
Sorting:
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆335Updated 8 months ago
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆656Updated 3 weeks ago
- ☆278Updated 5 months ago
- Assess the security of your Active Directory with few or all privileges.☆341Updated last week
- ☆198Updated 7 months ago
- A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities☆318Updated 10 months ago
- An ADCS honeypot to catch attackers in your internal network.☆324Updated last year
- A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory☆310Updated 3 months ago
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆379Updated last month
- LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment…☆350Updated 5 months ago
- gpoParser is a tool designed to extract and analyze configurations applied through Group Policy Objects (GPOs) in an Active Directory env…☆323Updated 3 weeks ago
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆398Updated 3 weeks ago
- Automatically run and populate a new instance of BH CE☆113Updated last week
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Updated 2 years ago
- A BloodHound collector for Microsoft Configuration Manager☆363Updated 7 months ago
- Abusing Azure services over C2☆367Updated 2 weeks ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆484Updated last week
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆226Updated 10 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆232Updated last year
- ☆184Updated last year
- Azure Post Exploitation Framework☆244Updated 3 months ago
- Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates…☆67Updated 3 months ago
- User Enumeration of Microsoft Teams users via API☆184Updated last year
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆322Updated 3 months ago
- ☆188Updated last month
- A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts☆167Updated 7 months ago
- ☆176Updated 9 months ago
- Some scripts to abuse kerberos using Powershell☆355Updated 2 years ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆165Updated last year
- Azure AppHunter is an open-source tool created for security researchers, red teamers and defenders to help them identify excessive privil…☆99Updated 4 months ago