ST1LLY / dc-sonar
Analyzing AD domains for security risks related to user accounts
☆63Updated last year
Related projects ⓘ
Alternatives and complementary repositories for dc-sonar
- CIS Benchmark testing of Windows SIEM configuration☆43Updated last year
- Retrieve AD accounts description and search for password in it☆83Updated 2 years ago
- A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.☆79Updated 10 months ago
- Red Teaming & Active Directory Cheat Sheet.☆39Updated last year
- Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.☆82Updated last year
- RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.☆57Updated 2 years ago
- CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"☆46Updated 2 years ago
- Active DIrectory Lab for Pentesting Practice☆24Updated 2 years ago
- User enumeration and password spraying tool for testing Azure AD☆68Updated 2 years ago
- RDP Checker☆62Updated 8 months ago
- EC2StepShell is an AWS post-exploitation tool for getting high privileges reverse shells in public or private EC2 instances.☆60Updated last month
- cvet is a Python utility for pulling actionable vulnerabilities from cvetrends.com☆38Updated 2 years ago
- Linux Post-Exploitation tools wrapper☆20Updated last year
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 2 years ago
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆85Updated last year
- ☆46Updated 2 years ago
- A basic username enumeration and password spraying tool aimed at spraying Microsoft's DOM based authentication using selenium.☆32Updated 11 months ago
- Convert ldapdomaindump to Bloodhound☆76Updated 10 months ago
- ☆24Updated 3 years ago
- Azure AD enumeration over MS Graph☆80Updated last year
- Microsoft Exchange password spray tool with proxy support.☆40Updated 3 years ago
- Enumerate valid users within Microsoft Teams and OneDrive with clean output.☆58Updated last month
- Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive data☆43Updated 11 months ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆36Updated last year
- Azure pentesting reference for Altered Security Lab☆24Updated 2 years ago
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆98Updated 4 months ago
- C2 Automation using Linode☆78Updated 2 years ago
- Searching .evtx logs for remote connections☆23Updated last year
- Simple PoC from Malicious Payload Injection from Windows Event Log Entry☆26Updated 2 years ago