An introduction to Active Directory security
☆651Aug 22, 2022Updated 3 years ago
Alternatives and similar repositories for adsec
Users that are interested in adsec are comparing it to the libraries listed below
Sorting:
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆233Jun 10, 2022Updated 3 years ago
- A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…☆867Mar 20, 2023Updated 3 years ago
- Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab☆2,264Apr 12, 2024Updated last year
- Self-developed tools for Lateral Movement/Code Execution☆719Aug 17, 2021Updated 4 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,880Aug 18, 2023Updated 2 years ago
- .NET Project for Attacking vCenter☆553Nov 11, 2021Updated 4 years ago
- Automation for internal Windows Penetrationtest / AD-Security☆3,650Aug 28, 2025Updated 6 months ago
- ☆667Nov 17, 2021Updated 4 years ago
- PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.☆922Feb 28, 2024Updated 2 years ago
- A PowerShell armoury for security guys and girls☆467Jan 23, 2024Updated 2 years ago
- Windows Privilege Escalation from User to Domain Admin.☆1,451Dec 18, 2022Updated 3 years ago
- Terraform config to spin up a domain controller and some member servers in azure☆33Apr 11, 2022Updated 3 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆819Oct 27, 2023Updated 2 years ago
- Azure Security Resources and Notes☆1,716Feb 17, 2026Updated last month
- NTLM relaying for Windows made easy☆581Apr 25, 2023Updated 2 years ago
- A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)☆192Jul 7, 2021Updated 4 years ago
- A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.☆6,541Jan 18, 2026Updated 2 months ago
- Attack and defend active directory using modern post exploitation adversary tradecraft activity☆4,805Jul 29, 2025Updated 7 months ago
- BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of…☆2,227Jun 7, 2023Updated 2 years ago
- Get file less command execution for lateral movement.☆637Jun 3, 2022Updated 3 years ago
- This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …☆2,478Dec 31, 2025Updated 2 months ago
- A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.☆635Oct 18, 2025Updated 5 months ago
- Attack Graph Visualizer and Explorer (Active Directory) ...Who's *really* Domain Admin?☆2,143Feb 21, 2026Updated last month
- A User Impersonation tool - via Token or Shellcode injection☆422May 21, 2022Updated 3 years ago
- Hunts out CobaltStrike beacons and logs operator command output☆951Sep 4, 2024Updated last year
- Defences against Cobalt Strike☆1,298Jul 14, 2022Updated 3 years ago
- Identify the attack paths in BloodHound breaking your AD tiering☆326Nov 6, 2022Updated 3 years ago
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆991Oct 7, 2022Updated 3 years ago
- Detect and respond to Cobalt Strike beacons using ETW.☆516Jul 15, 2022Updated 3 years ago
- BloodyAD is an Active Directory Privilege Escalation Framework☆2,122Feb 27, 2026Updated 3 weeks ago
- Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.☆484Jul 9, 2024Updated last year
- The swiss army knife of LSASS dumping☆2,081Sep 17, 2024Updated last year
- ☆538Nov 20, 2021Updated 4 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data☆446Oct 19, 2022Updated 3 years ago
- Extract credentials from lsass remotely☆2,184Dec 24, 2025Updated 2 months ago
- Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019☆1,812Sep 4, 2024Updated last year
- Pass the Hash to a named pipe for token Impersonation☆311Nov 29, 2023Updated 2 years ago
- Active Directory certificate abuse.☆1,931Oct 27, 2025Updated 4 months ago
- Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).☆819Dec 14, 2023Updated 2 years ago