A Azure Exploitation Toolkit for Red Team & Pentesters
☆165May 6, 2023Updated 2 years ago
Alternatives and similar repositories for BlueMap
Users that are interested in BlueMap are comparing it to the libraries listed below
Sorting:
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- ☆19Nov 28, 2024Updated last year
- Apply a divide and conquer approach to bypass EDRs☆286Oct 19, 2023Updated 2 years ago
- Tool to remotely dump secrets from the Windows registry☆526Feb 27, 2026Updated 3 weeks ago
- Retrieve AD accounts description and search for password in it☆81Jul 21, 2022Updated 3 years ago
- Azure DevOps Services Attack Toolkit☆150Mar 15, 2025Updated last year
- Extension functionality for the NightHawk operator client☆26Oct 31, 2023Updated 2 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆505Mar 4, 2026Updated 2 weeks ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,373Mar 9, 2026Updated last week
- Table of AD and Azure assets and whether they belong to Tier Zero☆258Mar 2, 2026Updated 2 weeks ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆672Oct 23, 2025Updated 4 months ago
- ☆120Mar 28, 2025Updated 11 months ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement☆369Dec 24, 2021Updated 4 years ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆484Jul 9, 2024Updated last year
- Infect Shared Files In Memory for Lateral Movement☆192Dec 14, 2022Updated 3 years ago
- BloodHound Attack Research Kit☆586Mar 18, 2025Updated last year
- Tools for analyzing EDR agents☆278Jun 10, 2024Updated last year
- ☆109Feb 21, 2023Updated 3 years ago
- The purpose of this project is to publish and maintain the deployment PowerShell script that automates deployments for Active Directory C…☆258Nov 24, 2023Updated 2 years ago
- Identify the attack paths in BloodHound breaking your AD tiering☆326Nov 6, 2022Updated 3 years ago
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆129Jul 5, 2024Updated last year
- Extract registry and NTDS secrets from local or remote disk images☆45Mar 15, 2025Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.☆1,488Feb 18, 2026Updated last month
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀☆1,135Oct 21, 2024Updated last year
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆401Jan 10, 2025Updated last year
- Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The…☆368Jun 24, 2025Updated 8 months ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆741May 19, 2023Updated 2 years ago
- Roast in the Middle☆294Sep 19, 2025Updated 6 months ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago
- Collection of tools to use with Azure Applications☆113Oct 13, 2023Updated 2 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆898Mar 11, 2026Updated last week
- Azure Post Exploitation Framework☆245Oct 27, 2025Updated 4 months ago