MattKeeley / Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
☆634Updated last month
Related projects ⓘ
Alternatives and complementary repositories for Spoofy
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆316Updated 3 weeks ago
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆381Updated 3 months ago
- onedrive user enumeration - pentest tool to enumerate valid o365 users☆623Updated last month
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆583Updated 5 months ago
- An open-source self-hosted purple team management web application.☆241Updated 3 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆209Updated 2 months ago
- ☆447Updated 6 months ago
- a tool to help operate in EDRs' blind spots☆654Updated 7 months ago
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆979Updated 3 months ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆244Updated last week
- Username enumeration and password spraying tool aimed at Microsoft O365.☆770Updated 2 weeks ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆480Updated last year
- Azure Data Exporter for BloodHound☆565Updated 2 months ago
- Azure JWT Token Manipulation Toolset☆602Updated last year
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,064Updated 6 months ago
- Okta Verify and Okta FastPass Abuse Tool☆289Updated 2 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆241Updated 6 months ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆702Updated last year
- Zero-dollar attack surface management tool☆262Updated 7 months ago
- SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applic…☆448Updated 7 months ago
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆542Updated 3 months ago
- ☆650Updated this week
- An offensive data enrichment pipeline☆616Updated 2 months ago
- A RedTeam Toolkit☆385Updated last month
- BloodHound Attack Research Kit☆495Updated this week
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆403Updated 3 months ago
- Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…☆1,008Updated 2 weeks ago
- Automated Active Directory Enumeration☆415Updated this week
- BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfi…☆424Updated 2 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆655Updated 9 months ago