NetSPI / PowerHunt
PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.
☆69Updated 4 months ago
Alternatives and similar repositories for PowerHunt:
Users that are interested in PowerHunt are comparing it to the libraries listed below
- PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …☆93Updated last year
- ☆88Updated 2 weeks ago
- Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04☆110Updated 10 months ago
- Kerberoast Detection Script☆30Updated 5 months ago
- Expose a lot of MDE telemetry that is not easily accessible in any searchable form☆105Updated 4 months ago
- Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on☆81Updated 11 months ago
- Tool to extract powerful tokens from Office desktop apps memory☆71Updated last year
- Simple PowerShell script to enable process scanning with Yara.☆93Updated 2 years ago
- Collection of tools to use with Azure Applications☆108Updated last year
- Reportly is an AzureAD user activity report tool.☆92Updated last year
- Veil-PowerView is a powershell tool to gain network situational awareness on Windows domains.☆57Updated 10 years ago
- GoldenSAML Attack Libraries and Framework☆73Updated 10 months ago
- ☆100Updated 2 years ago
- GolenGMSA tool for working with GMSA passwords☆145Updated last year
- So, you think you have MFA? AAD/ROPC/MFA bypass testing tool☆109Updated 2 years ago
- ☆23Updated 3 years ago
- ☆82Updated 2 years ago
- Pushes Sysmon Configs☆88Updated 3 years ago
- SMBMap is a handy SMB enumeration tool - here with Kerberos support☆73Updated 3 years ago
- Hybrid AD utilities for ROADtools☆72Updated 2 months ago
- AAD related enumeration in Nim☆129Updated last year
- InfoSec Notes☆56Updated last year
- ☆53Updated 8 months ago
- ☆36Updated 9 months ago
- Azure AD cheatsheet for the CARTP course☆113Updated 2 years ago
- A tool to create randomly insecure file shares that also contain unsecured credential files☆39Updated 11 months ago
- Material for the "Hands-On BloodHound" Workshop☆108Updated 3 years ago
- DEFCON 31 slide deck and video link☆59Updated 9 months ago
- Identify the attack paths in BloodHound breaking your AD tiering☆320Updated 2 years ago
- ☆55Updated last year