MorDavid / BloodHound-MCP-AIView external linksLinks
BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language instead of complex Cypher queries.
☆335Jun 2, 2025Updated 8 months ago
Alternatives and similar repositories for BloodHound-MCP-AI
Users that are interested in BloodHound-MCP-AI are comparing it to the libraries listed below
Sorting:
- Claude MCP server to perform analysis on ROADrecon data☆48Mar 30, 2025Updated 10 months ago
- This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)☆66Mar 17, 2025Updated 10 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆400Jul 23, 2025Updated 6 months ago
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆79Apr 2, 2025Updated 10 months ago
- Leak NTLM via Website tab in teams via MS Office☆78Mar 28, 2024Updated last year
- A PoC for Early Cascade process injection technique.☆208Jan 30, 2025Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆534May 9, 2025Updated 9 months ago
- BOF with Synthetic Stackframe☆220Oct 30, 2025Updated 3 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆433Jun 27, 2025Updated 7 months ago
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆202Mar 26, 2025Updated 10 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆203Mar 6, 2025Updated 11 months ago
- A simple POC to expose Mythic as a MCP server☆73Mar 20, 2025Updated 10 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆855Feb 3, 2024Updated 2 years ago
- Port of Cobalt Strike's Process Inject Kit☆190Dec 1, 2024Updated last year
- Scripts that automate portions of pentests.☆57Updated this week
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆635May 8, 2025Updated 9 months ago
- A BloodHound collector for Microsoft Configuration Manager☆363Jul 7, 2025Updated 7 months ago
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆585Mar 19, 2024Updated last year
- Tools for analyzing EDR agents☆277Jun 10, 2024Updated last year
- Cobalt Strike BOF for evasive .NET assembly execution☆307Mar 31, 2025Updated 10 months ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆813Mar 28, 2025Updated 10 months ago
- Lab used for workshop and CTF☆491Feb 3, 2026Updated last week
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆59Apr 13, 2025Updated 10 months ago
- Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀☆447Jan 15, 2026Updated 3 weeks ago
- Your Skyfall Infrastructure Pack☆90Jan 25, 2026Updated 2 weeks ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆260Feb 21, 2025Updated 11 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆265Apr 8, 2025Updated 10 months ago
- ☆137Nov 17, 2025Updated 2 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆264May 2, 2025Updated 9 months ago
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,301Nov 12, 2025Updated 3 months ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆540Nov 23, 2025Updated 2 months ago
- ☆235Oct 8, 2024Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆354Apr 26, 2025Updated 9 months ago
- Sleep obfuscation☆265Dec 13, 2024Updated last year
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 10 months ago
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆354Jan 8, 2026Updated last month
- ☆159Apr 4, 2025Updated 10 months ago