XTeam-Wing/Hunting-Active-Directory external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

XTeam-Wing/Hunting-Active-Directory

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/XTeam-Wing/Hunting-Active-Directory)

Close

XTeam-Wing / Hunting-Active-DirectoryView on GitHubMore

• External links
• Readme badge

个人整理的一些域渗透Tricks，可能有一些错误。

☆259May 3, 2021Updated 4 years ago

Alternatives and similar repositories for Hunting-Active-Directory

Users that are interested in Hunting-Active-Directory are comparing it to the libraries listed below

• JDArmy / DCSec

  View on GitHub
  域控安全one for all
  ☆736Sep 9, 2024Updated last year
• b0bac / GetMail

  View on GitHub
  利用NTLM Hash读取Exchange邮件
  ☆441Jan 7, 2025Updated last year
• Daybr4ak / C2ReverseProxy

  View on GitHub
  一款可以在不出网的环境下进行反向代理及cs上线的工具
  ☆491Apr 26, 2023Updated 2 years ago
• XTeam-Wing / RedTeaming2020

  View on GitHub
  RedTeaming知识星球2020年安全知识汇总
  ☆473May 5, 2021Updated 4 years ago
• dr0op / CrossNet-Beta

  View on GitHub
  红队行动中利用白利用、免杀、自动判断网络环境生成钓鱼可执行文件。
  ☆366Jun 19, 2024Updated last year
• chriskaliX / AD-Pentest-Notes

  View on GitHub
  用于记录内网渗透(域渗透)学习 :-)
  ☆1,236Nov 9, 2020Updated 5 years ago
• feihong-cs / Java-Rce-Echo

  View on GitHub
  Java RCE 回显测试代码
  ☆1,016Oct 15, 2020Updated 5 years ago
• safe6Sec / PentestDB

  View on GitHub
  各种数据库的利用姿势
  ☆1,034Jan 3, 2025Updated last year
• evilashz / SharpADUserIP

  View on GitHub
  提取DC日志，快速获取域用户对应IP地址
  ☆308Mar 21, 2022Updated 3 years ago
• Y4er / WebLogic-Shiro-shell

  View on GitHub
  WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞，一键注册蚁剑filter内存shell
  ☆535Aug 25, 2020Updated 5 years ago
• safe6Sec / Fastjson

  View on GitHub
  Fastjson姿势技巧集合
  ☆1,825Oct 20, 2023Updated 2 years ago
• Airboi / bypass-av-note

  View on GitHub
  免杀技术大杂烩---乱拳也打不死老师傅
  ☆1,094Mar 29, 2021Updated 4 years ago
• uknowsec / SharpSQLTools

  View on GitHub
  SharpSQLTools 和@Rcoil一起写的小工具，可上传下载文件，xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作。
  ☆965Aug 5, 2021Updated 4 years ago
• FunnyWolf / TFirewall

  View on GitHub
  防火墙出网探测工具,内网穿透型socks5代理
  ☆269Nov 12, 2021Updated 4 years ago
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆506May 20, 2022Updated 3 years ago
• boy-hack / go-strip

  View on GitHub
  清除Go编译时自带的信息
  ☆855Jul 20, 2022Updated 3 years ago
• lzzbb / Adinfo

  View on GitHub
  域信息收集工具
  ☆412Sep 16, 2022Updated 3 years ago
• r0eXpeR / fingerprint

  View on GitHub
  各种工具指纹收集分享
  ☆529Nov 3, 2021Updated 4 years ago
• novysodope / RMI_Inj_MemShell

  View on GitHub
  rmi打内存马工具，适用于目标用不了ldap的情况
  ☆254Jul 12, 2023Updated 2 years ago
• Rvn0xsy / SchtaskCreator

  View on GitHub
  远程创建任务计划工具
  ☆190Apr 23, 2022Updated 3 years ago
• bitterzzZZ / MemoryShellLearn

  View on GitHub
  分享几个直接可用的内存马，记录一下学习过程中看过的文章
  ☆975Mar 23, 2022Updated 3 years ago
• exp1orer / JNDI-Inject-Exploit

  View on GitHub
  解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
  ☆770Jan 26, 2022Updated 4 years ago
• ybdt / post-hub

  View on GitHub
  Lateral movement
  ☆943Updated this week
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆754Apr 14, 2021Updated 4 years ago
• lengjibo / RedTeamTools

  View on GitHub
  记录自己编写、修改的部分工具
  ☆1,461Oct 19, 2025Updated 4 months ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,467Apr 25, 2024Updated last year
• dr0op / shiro-550-with-NoCC

  View on GitHub
  Shiro-550 不依赖CC链利用工具
  ☆451Jun 19, 2024Updated last year
• QAX-A-Team / sharpwmi

  View on GitHub
  sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。
  ☆716Aug 3, 2021Updated 4 years ago
• threedr3am / JSP-WebShells

  View on GitHub
  Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势
  ☆1,404Jan 18, 2022Updated 4 years ago
• seventeenman / CallBackDump

  View on GitHub
  dump lsass进程工具
  ☆561Jul 20, 2023Updated 2 years ago
• Rvn0xsy / Pricking

  View on GitHub
  基于反向代理的水坑部署工具
  ☆261Dec 31, 2021Updated 4 years ago
• SkewwG / domainTools

  View on GitHub
  内网域渗透小工具
  ☆734Apr 20, 2021Updated 4 years ago
• uknowsec / SharpToolsAggressor

  View on GitHub
  内网渗透中常用的c#程序整合成cs脚本，直接内存加载。持续更新~
  ☆498Feb 13, 2020Updated 6 years ago
• r0eXpeR / redteam_vul

  View on GitHub
  红队作战中比较常遇到的一些重点系统漏洞整理。
  ☆2,522Jul 17, 2021Updated 4 years ago
• JDArmy / SharpXDecrypt

  View on GitHub
  Xshell全版本密码恢复工具
  ☆928Jun 8, 2023Updated 2 years ago
• crisprss / BypassUserAdd

  View on GitHub
  通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化
  ☆344Apr 10, 2022Updated 3 years ago
• atsud0 / frp-modify

  View on GitHub
  frp0.38.1 支持域前置、远程加载配置文件、配置文件自删除、流量特征修改
  ☆133Apr 26, 2022Updated 3 years ago
• hayasec / 360SafeBrowsergetpass

  View on GitHub
  这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具，用于节省红队工作量，通过下载浏览器数据库、记录密钥来离线解密浏览器密码。
  ☆638Apr 4, 2021Updated 4 years ago
• mai1zhi2 / SharpBeacon

  View on GitHub
  CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon，其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能
  ☆731Sep 1, 2021Updated 4 years ago