Track previous changes on specific AD accounts (users, computers) and Groups (online DC), even if event logs were wiped/not collected (e.g. during an Incident Response). Uses Replication metadata history parsing. Online and offline DB (backup)
☆16Feb 25, 2025Updated last year
Alternatives and similar repositories for AD-Replication-Metadata
Users that are interested in AD-Replication-Metadata are comparing it to the libraries listed below
Sorting:
- Active Directory Toolkit☆20Apr 9, 2019Updated 6 years ago
- Bash script to take the powerkatz.dll files, encode them using base64 and then replace the old binaries with the new in the Invoke-Mimika…☆16Oct 8, 2016Updated 9 years ago
- ☆53Oct 13, 2025Updated 4 months ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- Shikata ga nai (仕方がない) encoder ported into go with several improvements☆31Jan 28, 2026Updated last month
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆45Jul 9, 2025Updated 7 months ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29May 5, 2018Updated 7 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Hackable Windows SandBox environment☆32Apr 20, 2023Updated 2 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆44Oct 12, 2021Updated 4 years ago
- Modular C# framework to exfiltrate loot over secure and trusted channels.☆132Sep 12, 2021Updated 4 years ago
- A Cobaltstrike container, built for Warhorse☆41Aug 8, 2024Updated last year
- SpicyAD is a C# Active Directory penetration testing tool designed for authorized security assessments. It combines multiple AD attack te…☆99Dec 23, 2025Updated 2 months ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- Multi-protocol exchange broker for IoT within the 5G-and-Beyond networks, and primary emphasis on scalability.☆12Jan 29, 2024Updated 2 years ago
- Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, w…☆93Mar 22, 2025Updated 11 months ago
- Microsoft365 Device Code Phishing Framework☆39Sep 4, 2021Updated 4 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 5 years ago
- Extract registry and NTDS secrets from local or remote disk images☆45Mar 15, 2025Updated 11 months ago
- Pushes Sysmon Configs☆90Jun 11, 2021Updated 4 years ago
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 6 months ago
- Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2☆52Updated this week
- Universal/Uniform Backup Tool☆13Updated this week
- ☆10Oct 22, 2017Updated 8 years ago
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- Telegram scraper for Maltego, allows from an Alias entity to find all forwarded accounts☆11Apr 25, 2023Updated 2 years ago
- Sweetcher: For those who know the hell of enterprise proxies☆16Sep 6, 2024Updated last year
- speeds up your Rust program's execution by "priming" memory pages from your binary☆13Aug 22, 2024Updated last year
- Labs and course material for Advania course 'PowerShell Advanced Fundamentals'☆12Jan 12, 2026Updated last month
- Modular Antenna Tracker Caddy☆11Nov 14, 2023Updated 2 years ago
- JustGetDA, a cheat sheet which will aid you through internal network & red team engagements.☆13Jul 24, 2023Updated 2 years ago
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated last year
- Enhance your Google account security with this comprehensive guide. It covers strong passwords, two-factor authentication, phishing preve…☆11Nov 21, 2024Updated last year
- ☆98Jun 20, 2022Updated 3 years ago
- tamper resistant audit log☆17Aug 30, 2018Updated 7 years ago
- Threat Hijacking Simple Implementation☆18Feb 24, 2025Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- Leonardo-Arduino script and python keylogger for BAD-USB aka Poor Man's RUBBER-DUCKY☆12Aug 14, 2020Updated 5 years ago
- EQGRP: Replicating DarkPulsar, an DLL capable of hooking Security Package Method Tables on the Heap!☆10Oct 11, 2020Updated 5 years ago