YossiSassi / AD-Replication-MetadataLinks
Track previous changes on specific AD accounts (users, computers) and Groups (online DC), even if event logs were wiped/not collected (e.g. during an Incident Response). Uses Replication metadata history parsing. Online and offline DB (backup)
☆16Updated 7 months ago
Alternatives and similar repositories for AD-Replication-Metadata
Users that are interested in AD-Replication-Metadata are comparing it to the libraries listed below
Sorting:
- Takes the original idea of NetCease and adds functionality☆24Updated 3 years ago
- General Content☆26Updated last year
- This is a repo for fetching Applocker event log by parsing the win-event log☆31Updated 3 years ago
- blame Huy☆42Updated 4 years ago
- a tiny program to consume from ETW providers for research☆52Updated 8 months ago
- ☆23Updated 6 months ago
- Python tool to find vulnerable AD object and generating csv report☆26Updated 3 years ago
- ☆21Updated last week
- ☆23Updated 3 years ago
- Python tool to find vulnerable AD object and generating csv report☆14Updated 3 years ago
- Bloodhound Portable for Windows☆53Updated 2 years ago
- ☆28Updated 5 years ago
- Active Directory Group Policy analyzer☆18Updated 6 years ago
- PS-TrustedDocuments: PowerShell script to handle information on trusted documents for Microsoft Office☆35Updated 2 years ago
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Updated last year
- Parses Nessus .nessus files for exploitable vulnerabilities and outputs a report file in format MM-DD-YYYY-nessus.csv☆39Updated last month
- Files to automatically deploy red team Active Directory test lab☆47Updated 3 years ago
- Tool to perform lateral movement between AAD joined devices☆64Updated 3 years ago
- ☆18Updated 2 years ago
- This script generates a groups.xml file that mimics a real GPP to create a new user on domain-joined computers☆46Updated 5 years ago
- ☆45Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Updated 2 years ago
- Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption☆19Updated 3 years ago
- WMI SA stuffs☆30Updated 3 years ago
- Repository for LNK stuff☆31Updated 3 years ago
- ☆85Updated 2 years ago
- A set of hashcat hcmask files, prioritized by cracking efficiency... and the hcmask_Generator_9000.xlsx tool.☆23Updated last year
- self-hosted Azure OSINT tool☆31Updated 3 months ago
- Create a cool process tree like https://twitter.com/ACEResponder.☆35Updated 2 years ago
- Go module that allows you to authenticate to Azure with a well known client ID using interactive logon and grab the token☆26Updated 2 years ago