YossiSassi / AD-Replication-MetadataLinks
Track previous changes on specific AD accounts (users, computers) and Groups (online DC), even if event logs were wiped/not collected (e.g. during an Incident Response). Uses Replication metadata history parsing. Online and offline DB (backup)
☆16Updated 3 months ago
Alternatives and similar repositories for AD-Replication-Metadata
Users that are interested in AD-Replication-Metadata are comparing it to the libraries listed below
Sorting:
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 2 years ago
- Takes the original idea of NetCease and adds functionality☆24Updated 3 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated 2 years ago
- ☆14Updated last year
- Repository for LNK stuff☆30Updated 2 years ago
- self-hosted Azure OSINT tool☆30Updated 8 months ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated last year
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Updated 2 years ago
- Python tool to find vulnerable AD object and generating csv report☆14Updated 2 years ago
- The repository accompanying the Buer Emulation workshop☆24Updated 3 years ago
- General Content☆26Updated 10 months ago
- PetitPotam fork with Kerberos support in the impacket script☆17Updated 3 years ago
- Python tool to find vulnerable AD object and generating csv report☆26Updated 2 years ago
- A list of IOCs applicable to PoshC2☆24Updated 4 years ago
- Threat Mitigation Strategies☆25Updated last year
- Reproducible and extensible BloodHound playbooks☆43Updated 5 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Updated 2 years ago
- ☆45Updated last year
- Parser for Windows PowerShell script block logs☆13Updated 5 months ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 10 months ago
- Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+☆18Updated 3 months ago
- Firebase Domain Front Code☆21Updated 4 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆17Updated last year
- ☆13Updated last year
- A collection of my presentation materials.☆17Updated last year
- Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…☆17Updated 4 years ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.☆17Updated 3 years ago
- ☆23Updated 3 years ago
- Log converter from CS log to Ghostwriter CSV☆30Updated 4 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year