MaLDAPtive / Invoke-MaldaptiveLinks
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
☆301Updated last year
Alternatives and similar repositories for Invoke-Maldaptive
Users that are interested in Invoke-Maldaptive are comparing it to the libraries listed below
Sorting:
- ☆206Updated 2 months ago
- Tools for interacting with authentication packages using their individual message protocols☆340Updated 2 weeks ago
- A BloodHound collector for Microsoft Configuration Manager☆345Updated last month
- Find potential DLL Sideloads on your windows computer☆213Updated 7 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆240Updated 3 months ago
- Invoke-ArgFuscator is an open-source, cross-platform PowerShell module that helps generate obfuscated command-lines for common system-nat…☆233Updated 4 months ago
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆309Updated this week
- Python implementation of GhostPack's Seatbelt situational awareness tool☆265Updated 9 months ago
- ☆300Updated 9 months ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆283Updated 2 weeks ago
- LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment…☆273Updated last month
- Weaponizing DCOM for NTLM Authentication Coercions☆264Updated last month
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆241Updated 6 months ago
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆377Updated 3 months ago
- ☆193Updated 3 months ago
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆332Updated 3 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆330Updated last month
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆252Updated 8 months ago
- ☆209Updated last week
- ☆287Updated 2 years ago
- Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)☆190Updated 10 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆393Updated last month
- Some scripts to abuse kerberos using Powershell☆342Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆320Updated 9 months ago
- ☆182Updated 2 months ago
- Abusing Azure services over C2☆351Updated 2 months ago
- ☆148Updated 5 months ago
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆194Updated last year
- Automating the MITM attack on WSUS☆262Updated last month
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆373Updated 7 months ago