LudusHound is a tool for red and blue teams that transforms BloodHound data into a fully functional, Active Directory replica environment via Ludus for controlled testing.
☆360Sep 3, 2025Updated 6 months ago
Alternatives and similar repositories for LudusHound
Users that are interested in LudusHound are comparing it to the libraries listed below
Sorting:
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆364Jan 29, 2026Updated last month
- ☆138Nov 17, 2025Updated 3 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆863Feb 3, 2024Updated 2 years ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,035Dec 31, 2025Updated 2 months ago
- Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC☆424Sep 29, 2025Updated 5 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆145Apr 18, 2025Updated 10 months ago
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments☆30Sep 17, 2025Updated 5 months ago
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy☆167Nov 17, 2025Updated 3 months ago
- PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph☆293Feb 10, 2026Updated last month
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆311Feb 16, 2026Updated 3 weeks ago
- AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover se…☆1,475Jan 23, 2026Updated last month
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆386Feb 23, 2024Updated 2 years ago
- ☆241May 19, 2025Updated 9 months ago
- ☆41Feb 20, 2025Updated last year
- PowerShell scripts for alternative SharpHound enumeration, including users, groups, computers, and certificates, using the ActiveDirector…☆401Jan 14, 2026Updated last month
- Tools for interacting with authentication packages using their individual message protocols☆409Mar 1, 2026Updated last week
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- ☆232Jun 10, 2025Updated 9 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆191Feb 16, 2026Updated 3 weeks ago
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆656Jan 16, 2026Updated last month
- Windows protocol library, including SMB and RPC implementations, among others.☆674Jan 21, 2026Updated last month
- Enumerate Domain Users Without Authentication☆282Apr 22, 2025Updated 10 months ago
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,317Nov 12, 2025Updated 3 months ago
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆338Jun 2, 2025Updated 9 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆275May 2, 2025Updated 10 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆261Feb 21, 2025Updated last year
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆399Jul 23, 2025Updated 7 months ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆779Jan 26, 2026Updated last month
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆276Dec 27, 2024Updated last year
- Lab used for workshop and CTF☆500Feb 3, 2026Updated last month
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆609Dec 9, 2025Updated 3 months ago
- An Ansible collection that installs an SCCM deployment with optional configurations.☆101Dec 8, 2025Updated 3 months ago
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆638May 8, 2025Updated 10 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Updated this week
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆839Dec 2, 2023Updated 2 years ago
- ACL Viewer for Windows☆133May 4, 2025Updated 10 months ago