Alternatives and similar repositories for bloodhound-automation

Users that are interested in bloodhound-automation are comparing it to the libraries listed below

• LuemmelSec / Custom-BloodHound-Queries
  ☆178Updated 6 months ago
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆173Updated 9 months ago
• zh54321 / SnafflerParser
  Parses Snaffler output file and generate beautified outputs.
  ☆100Updated 4 months ago
• TheManticoreProject / FindGPPPasswords
  A cross-platform tool to find and decrypt Group Policy Preferences passwords from the SYSVOL share using low-privileged domain accounts
  ☆153Updated last month
• absolomb / FindMeAccess
  ☆90Updated last month
• Leo4j / Invoke-SessionHunter
  Retrieve and display information about active user sessions on remote computers. No admin privileges required.
  ☆186Updated 9 months ago
• LuemmelSec / APEX
  Azure Post Exploitation Framework
  ☆199Updated 3 months ago
• zimedev / certipy-merged
  Tool for Active Directory Certificate Services enumeration and abuse
  ☆161Updated last month
• akamai / BadSuccessor
  ☆162Updated 2 weeks ago
• dirkjanm / roadtools_hybrid
  Hybrid AD utilities for ROADtools
  ☆74Updated last week
• synacktiv / SCCMSecrets
  SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
  ☆211Updated 2 weeks ago
• coffeegist / bofhound
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆229Updated 2 weeks ago
• decoder-it / KrbRelay-SMBServer
  ☆219Updated 7 months ago
• xforcered / SoaPy
  SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
  ☆224Updated 3 months ago
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆116Updated 3 years ago
• synacktiv / Invoke-RunAsWithCert
  A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
  ☆154Updated last year
• CCob / DRSAT
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆237Updated 5 months ago
• badsectorlabs / sccm-http-looter
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
  ☆188Updated 8 months ago
• CompassSecurity / bloodhoundce-resources
  ☆50Updated last week
• zh54321 / PoCEntraDeviceComplianceBypass
  Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy
  ☆142Updated 3 months ago
• CCob / Shwmae
  ☆151Updated 4 months ago
• garrettfoster13 / aced
  ☆159Updated 6 months ago
• arth0sz / Practice-AD-CS-Domain-Escalation
  Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…
  ☆129Updated last year
• RedTeamPentesting / keycred
  Generate and Manage KeyCredentialLinks
  ☆158Updated 3 weeks ago
• synacktiv / GPOddity
  The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
  ☆306Updated 6 months ago
• g0h4n / RustHound-CE
  Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀
  ☆197Updated 3 months ago
• xforcered / RemoteMonologue
  Weaponizing DCOM for NTLM Authentication Coercions
  ☆223Updated last month
• trustedsec / specula
  ☆191Updated 8 months ago
• mlcsec / Graphpython
  Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit
  ☆147Updated 5 months ago
• CrowdStrike / sccmhound
  A BloodHound collector for Microsoft Configuration Manager
  ☆320Updated 5 months ago