Collection of offensive tools targeting Microsoft Azure
☆218Jan 18, 2023Updated 3 years ago
Alternatives and similar repositories for offensive-azure
Users that are interested in offensive-azure are comparing it to the libraries listed below
Sorting:
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- Federated Office365 user enumeration based on correlated response trend analysis☆49May 3, 2022Updated 3 years ago
- Azure JWT Token Manipulation Toolset☆716Dec 6, 2024Updated last year
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 4 months ago
- Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The…☆367Jun 24, 2025Updated 8 months ago
- An Office365 User Attack Tool☆646Mar 19, 2024Updated last year
- Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!☆1,303Updated this week
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆97Apr 13, 2023Updated 2 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- AzureRT - A Powershell module implementing various Azure Red Team tactics☆233Jun 17, 2022Updated 3 years ago
- Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).☆199Sep 19, 2022Updated 3 years ago
- MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).☆414Jan 13, 2026Updated last month
- BLS-Bible is a knowledge-base application that houses a collection of guides and write-ups that BLS uses for our various operations.☆30Aug 28, 2023Updated 2 years ago
- A collection of scripts for assessing Microsoft Azure security☆2,309Oct 29, 2025Updated 4 months ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin☆484Sep 24, 2025Updated 5 months ago
- TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!☆1,305Jan 29, 2026Updated last month
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆346Mar 4, 2025Updated last year
- Find Microsoft Exchange instance for a given domain and identify the exact version☆188Jan 30, 2023Updated 3 years ago
- ☆145Oct 31, 2023Updated 2 years ago
- ETM enables the creation of detailed attack graphs and figures while calculating the risk associated with your attack narratives. ETM was…☆26Mar 3, 2023Updated 3 years ago
- retrieve information via O365 and AzureAD with a valid cred☆732Aug 14, 2022Updated 3 years ago
- User enumeration and password spraying tool for testing Azure AD☆71Mar 3, 2022Updated 4 years ago
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- Azure Security Resources and Notes☆1,713Feb 17, 2026Updated 2 weeks ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,370Oct 27, 2023Updated 2 years ago
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,263Mar 19, 2025Updated 11 months ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆779Oct 16, 2025Updated 4 months ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆393Feb 9, 2026Updated 3 weeks ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆744Aug 18, 2023Updated 2 years ago
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 11 months ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago
- Azure DevOps Services Attack Toolkit☆150Mar 15, 2025Updated 11 months ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆483Jul 9, 2024Updated last year
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆673Feb 17, 2026Updated 2 weeks ago
- A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.☆445Aug 18, 2023Updated 2 years ago
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆917Oct 30, 2024Updated last year