Alternatives and similar repositories for BloodHoundOperator

Users that are interested in BloodHoundOperator are comparing it to the libraries listed below

• t3hbb / PanGP_Extractor
  Tool to extract username and password of current user from PanGPA in plaintext
  ☆89Updated last year
• CCob / Shwmae
  ☆160Updated last year
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆92Updated 2 months ago
• kiwids0220 / deviceCode2WinHello
  A small script that automates Entra ID persistence with Windows Hello For Business key
  ☆65Updated 11 months ago
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆164Updated last year
• Logisek / AZexec
  The Azure Execution Tool
  ☆37Updated last week
• temp43487580 / EntraPassTheCert
  tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it
  ☆131Updated 5 months ago
• logangoins / SOAPy
  SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆158Updated 2 weeks ago
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆95Updated last year
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆181Updated 8 months ago
• HuskyHacks / SharpTokenFinder
  C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps
  ☆144Updated last year
• emiliensocchi / azurehound-queries
  🌩️ Collection of BloodHound queries for Azure
  ☆82Updated last year
• andrecrafts / Bloodhound-query-legacy2ce
  A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …
  ☆34Updated 4 months ago
• danti1988 / adcshunter
  Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.
  ☆82Updated last year
• bitsadmin / lofl
  Living Off the Foreign Land setup scripts
  ☆74Updated 11 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆102Updated 9 months ago
• Krypteria / Neo4LDAP
  Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…
  ☆93Updated 2 weeks ago
• powerseb / PowerExtract
  ☆120Updated 10 months ago
• Friends-Security / sharefiltrator
  tool for enumeration & bulk download of sensitive files found in SharePoint environments
  ☆79Updated 10 months ago
• skelsec / pysnaffler
  pysnaffler
  ☆110Updated last month
• Thunter-HackTeam / EvilentCoerce
  ☆159Updated 9 months ago
• bagelByt3s / ludus_adfs
  An Ansible collection that installs an ADFS deployment with optional configurations.
  ☆44Updated last month
• Shac0x / Wonka
  Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…
  ☆162Updated 3 months ago
• rotarydrone / GlobalUnProtect
  Decrypt GlobalProtect configuration and cookie files.
  ☆158Updated last year
• MorDavid / DCSyncHound
  This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)
  ☆66Updated 10 months ago
• dirkjanm / scepreq
  SCEP request tool for AD CS and Intune
  ☆73Updated 3 months ago
• ibaiC / MFade
  A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…
  ☆50Updated 6 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆118Updated last year
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆71Updated 3 years ago
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆169Updated last year