bagelByt3s / LudusHoundView external linksLinks
LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.
☆354Sep 3, 2025Updated 5 months ago
Alternatives and similar repositories for LudusHound
Users that are interested in LudusHound are comparing it to the libraries listed below
Sorting:
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆359Jan 29, 2026Updated 2 weeks ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆859Feb 3, 2024Updated 2 years ago
- ☆137Nov 17, 2025Updated 2 months ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 3 months ago
- A Python POC for CRED1 over SOCKS5☆164Oct 5, 2024Updated last year
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆418Sep 29, 2025Updated 4 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Apr 18, 2025Updated 9 months ago
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,030Dec 31, 2025Updated last month
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments☆30Sep 17, 2025Updated 5 months ago
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆167Nov 17, 2025Updated 3 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph☆291Feb 10, 2026Updated last week
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆387Feb 23, 2024Updated last year
- AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover se…☆1,471Jan 23, 2026Updated 3 weeks ago
- ☆235May 19, 2025Updated 8 months ago
- ☆41Feb 20, 2025Updated 11 months ago
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆398Jan 14, 2026Updated last month
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 5 months ago
- ☆230Jun 10, 2025Updated 8 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆188Dec 23, 2025Updated last month
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆655Jan 16, 2026Updated last month
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆287Apr 29, 2025Updated 9 months ago
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,307Nov 12, 2025Updated 3 months ago
- Enumerate Domain Users Without Authentication☆281Apr 22, 2025Updated 9 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆264May 2, 2025Updated 9 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆273Dec 27, 2024Updated last year
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆400Jul 23, 2025Updated 6 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆772Jan 26, 2026Updated 3 weeks ago
- Lab used for workshop and CTF☆491Feb 3, 2026Updated last week
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆601Dec 9, 2025Updated 2 months ago
- An Ansible collection that installs an SCCM deployment with optional configurations.☆101Dec 8, 2025Updated 2 months ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆830Dec 2, 2023Updated 2 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆886Updated this week
- Automating the MITM attack on WSUS☆306Jan 4, 2026Updated last month
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆670Aug 15, 2025Updated 6 months ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆146Jul 17, 2025Updated 7 months ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆98Apr 13, 2023Updated 2 years ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆260Feb 21, 2025Updated 11 months ago