Alternatives and similar repositories for PowerHunt

Users that are interested in PowerHunt are comparing it to the libraries listed below

• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆97Updated last month
• DefensiveOrigins / DO-LAB
  ☆49Updated 2 weeks ago
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆154Updated 2 weeks ago
• YossiSassi / hAcKtive-Directory-Forensics
  ☆53Updated 2 months ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆116Updated last year
• secureworks / PhishInSuits
  ☆119Updated 4 years ago
• csandker / Azure-AccessPermissions
  ☆110Updated 2 years ago
• Sam0x90 / CTI
  Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on
  ☆84Updated last year
• nyxgeek / track_the_planet
  DEFCON 31 slide deck and video link
  ☆66Updated 6 months ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆72Updated last year
• trustedsec / User-Behavior-Mapping-Tool
  ☆167Updated 2 years ago
• darkoperator / Veil-PowerView
  Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.
  ☆62Updated 10 years ago
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆113Updated 4 months ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated last year
• Synzack / PynAuth
  ☆41Updated last year
• ImpostorKeanu / bl-bfg
  ☆36Updated last year
• haim-n / Windows-Security-Assessment
  Assess Windows OS for security misconfigurations and hardening opportunities.
  ☆35Updated last year
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆53Updated 2 years ago
• C0axx / CanaryHunter
  Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org
  ☆124Updated 3 years ago
• secureworks / TokenMan
  ☆105Updated 3 years ago
• ScarredMonk / PopulateActiveDirectory
  Powershell script to build active directory forest and populate AD with random AD objects including AD users objects, computers objects, …
  ☆39Updated 3 years ago
• sans-blue-team / DNS-Exfiltrate
  ☆28Updated 2 years ago
• Qazeer / InfoSec-Notes
  InfoSec Notes
  ☆60Updated last year
• techBrandon / CAPs
  Scripts to enumerate and report on Entra Conditional Access
  ☆39Updated 3 months ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆96Updated 3 years ago
• GabrielDuschl / Automated-CME-Password-Spraying
  A script designed to test passwords against user accounts within an Active Directory environment, offering customizable Account Lockout T…
  ☆16Updated 2 years ago
• secureworks / whiskeysamlandfriends
  GoldenSAML Attack Libraries and Framework
  ☆77Updated last year
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated 2 years ago
• jischell-msft / RemoteManagementMonitoringTools
  Collection of Remote Management Monitoring tool artifacts, for assisting forensics and investigations
  ☆102Updated 4 months ago
• wunderwuzzi23 / ropci
  So, you think you have MFA? AAD/ROPC/MFA bypass testing tool
  ☆126Updated 3 years ago