☆176Apr 22, 2023Updated 2 years ago
Alternatives and similar repositories for XMGoat
Users that are interested in XMGoat are comparing it to the libraries listed below
Sorting:
- NTLM relaying for Windows made easy☆579Apr 25, 2023Updated 2 years ago
- Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved…☆63Aug 11, 2021Updated 4 years ago
- ☆614Jun 1, 2023Updated 2 years ago
- RDP Checker☆64Feb 23, 2024Updated 2 years ago
- Azure Security Resources and Notes☆1,713Feb 17, 2026Updated 2 weeks ago
- Azure Red Team tool for graphing Azure and Azure Active Directory objects☆1,685Jan 8, 2024Updated 2 years ago
- Get Fine Grained Password Policy☆77Apr 15, 2025Updated 10 months ago
- AzureRT - A Powershell module implementing various Azure Red Team tactics☆233Jun 17, 2022Updated 3 years ago
- ☆39Jul 29, 2021Updated 4 years ago
- Crack MSCHAPv2 challenge/responses quickly using a database of NT hashes☆139Mar 19, 2024Updated last year
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- Azure JWT Token Manipulation Toolset☆716Dec 6, 2024Updated last year
- Process dumper wrote in rust.☆14Sep 16, 2024Updated last year
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,530Feb 5, 2026Updated 3 weeks ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- nuke that event log using some epic dinvoke fu☆118May 12, 2021Updated 4 years ago
- Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon☆342Jun 6, 2022Updated 3 years ago
- ☆139Mar 29, 2023Updated 2 years ago
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆917Oct 30, 2024Updated last year
- Check for LDAP protections regarding the relay of NTLM authentication☆530Nov 19, 2024Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Aug 2, 2025Updated 7 months ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Feb 18, 2026Updated 2 weeks ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆483Jul 9, 2024Updated last year
- ☆88Jul 28, 2022Updated 3 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆182Aug 4, 2021Updated 4 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…☆1,097Feb 20, 2026Updated last week
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 4 months ago
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 11 months ago
- PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…☆413May 29, 2024Updated last year
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆107Jun 27, 2024Updated last year
- ☆344Sep 13, 2021Updated 4 years ago
- A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure☆753Oct 14, 2023Updated 2 years ago
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,033Dec 31, 2025Updated 2 months ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,370Oct 27, 2023Updated 2 years ago
- ☆415Apr 28, 2021Updated 4 years ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆488Updated this week