Alternatives and similar repositories for PowerHunt

Users that are interested in PowerHunt are comparing it to the libraries listed below

• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆97Updated 2 months ago
• darkoperator / Veil-PowerView
  Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.
  ☆62Updated 10 years ago
• csandker / Azure-AccessPermissions
  ☆110Updated 2 years ago
• DefensiveOrigins / DO-LAB
  ☆50Updated last week
• C0axx / CanaryHunter
  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
  ☆124Updated 3 years ago
• secureworks / PhishInSuits
  ☆119Updated 4 years ago
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆155Updated last month
• YossiSassi / hAcKtive-Directory-Forensics
  ☆53Updated 3 months ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆72Updated last year
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆84Updated last year
• tothi / smbmap
  SMBMap is a handy SMB enumeration tool - here with Kerberos support
  ☆73Updated 4 years ago
• ScarredMonk / PopulateActiveDirectory
  Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …
  ☆39Updated 4 years ago
• trustedsec / User-Behavior-Mapping-Tool
  ☆168Updated 2 years ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆97Updated 3 years ago
• JoelGMSec / AzureGraph
  Azure AD enumeration over MS Graph
  ☆82Updated 3 years ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated last year
• secureworks / TokenMan
  ☆105Updated 3 years ago
• haim-n / Windows-Security-Assessment
  Assess Windows OS for security misconfigurations and hardening opportunities.
  ☆35Updated last year
• sap8899 / reportly
  Reportly is an AzureAD user activity report tool.
  ☆95Updated 2 years ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆116Updated last year
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆113Updated 5 months ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆53Updated 2 years ago
• magicsword-io / LOLBASline
  Baseline a Windows System against LOLBAS
  ☆69Updated last year
• secureworks / whiskeysamlandfriends
  GoldenSAML Attack Libraries and Framework
  ☆77Updated last year
• DCScoder / ESXiTri
  ESXi Cyber Security Incident Response Script
  ☆25Updated last year
• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆66Updated 7 months ago
• elementalsouls / DumpLSASS
  ☆33Updated last year
• techBrandon / CAPs
  Scripts to enumerate and report on Entra Conditional Access
  ☆41Updated 4 months ago
• wunderwuzzi23 / ropci
  So, you think you have MFA? AAD/ROPC/MFA bypass testing tool
  ☆126Updated 3 years ago
• sans-blue-team / DNS-Exfiltrate
  ☆28Updated 3 years ago