BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to analyze Active Directory attack paths using natural language instead of complex Cypher queries.
☆338Jun 2, 2025Updated 9 months ago
Alternatives and similar repositories for BloodHound-MCP-AI
Users that are interested in BloodHound-MCP-AI are comparing it to the libraries listed below
Sorting:
- Claude MCP server to perform analysis on ROADrecon data☆48Mar 30, 2025Updated 11 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆399Jul 23, 2025Updated 7 months ago
- This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)☆66Mar 17, 2025Updated 11 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 9 months ago
- Leak NTLM via Website tab in teams via MS Office☆79Mar 28, 2024Updated last year
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆438Jun 27, 2025Updated 8 months ago
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆81Apr 2, 2025Updated 11 months ago
- A PoC for Early Cascade process injection technique.☆211Jan 30, 2025Updated last year
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- BOF with Synthetic Stackframe☆230Oct 30, 2025Updated 4 months ago
- Port of Cobalt Strike's Process Inject Kit☆192Dec 1, 2024Updated last year
- A BloodHound collector for Microsoft Configuration Manager☆392Jul 7, 2025Updated 8 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆862Feb 3, 2024Updated 2 years ago
- Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…☆95Feb 3, 2026Updated last month
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆203Mar 26, 2025Updated 11 months ago
- Tools for analyzing EDR agents☆278Jun 10, 2024Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆637May 8, 2025Updated 9 months ago
- ☆234Oct 8, 2024Updated last year
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆204Mar 6, 2025Updated last year
- Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).☆586Mar 19, 2024Updated last year
- A simple POC to expose Mythic as a MCP server☆73Mar 20, 2025Updated 11 months ago
- ☆138Nov 17, 2025Updated 3 months ago
- Scripts that automate portions of pentests.☆57Updated this week
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆267Apr 8, 2025Updated 10 months ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆813Mar 28, 2025Updated 11 months ago
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,314Nov 12, 2025Updated 3 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆275May 2, 2025Updated 10 months ago
- Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀☆460Jan 15, 2026Updated last month
- Lab used for workshop and CTF☆500Feb 3, 2026Updated last month
- Stage 0☆169Dec 18, 2024Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago
- Your Skyfall Infrastructure Pack☆89Jan 25, 2026Updated last month
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆354Apr 26, 2025Updated 10 months ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated 2 years ago
- BOF for Kerberos abuse (an implementation of some important features of the Rubeus).☆549Nov 23, 2025Updated 3 months ago
- ☆108Aug 21, 2024Updated last year
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆262Feb 21, 2025Updated last year