A tool that implements the Golden SAML attack
☆340Oct 15, 2018Updated 7 years ago
Alternatives and similar repositories for shimit
Users that are interested in shimit are comparing it to the libraries listed below
Sorting:
- ☆408Feb 10, 2026Updated 3 weeks ago
- Microsoft External Attack Tool☆178Dec 8, 2022Updated 3 years ago
- Various Cheat Sheets☆183Jun 24, 2021Updated 4 years ago
- A Red Team tool for exfiltrating sensitive data from Confluence pages.☆114Feb 21, 2023Updated 3 years ago
- Dump Azure AD Connect credentials for Azure AD and Active Directory☆779Aug 26, 2025Updated 6 months ago
- HTA encryption tool for RedTeams☆1,422Nov 9, 2022Updated 3 years ago
- ☆127Jun 19, 2020Updated 5 years ago
- Test Azure environment for MFA misconfigurations☆12Jan 13, 2023Updated 3 years ago
- ☆263Apr 10, 2023Updated 2 years ago
- Swift code to run a dylib on disk☆16May 9, 2022Updated 3 years ago
- initial commit☆174Jun 11, 2018Updated 7 years ago
- DEPRECATED SharpRoast is a C# port of various PowerView's Kerberoasting functionality.☆251Sep 25, 2018Updated 7 years ago
- Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, …☆931Nov 11, 2024Updated last year
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,530Feb 5, 2026Updated 3 weeks ago
- A C# implementation of PrivExchange by @_dirkjan.☆155Mar 15, 2019Updated 6 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆235Feb 15, 2021Updated 5 years ago
- retrieve information via O365 and AzureAD with a valid cred☆732Aug 14, 2022Updated 3 years ago
- A tool to abuse Exchange services☆2,300Jun 10, 2024Updated last year
- Suite of tools to facilitate attacks against the Jamf macOS management platform.☆189Feb 10, 2021Updated 5 years ago
- Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute.☆177Sep 18, 2018Updated 7 years ago
- Azure JWT Token Manipulation Toolset☆716Dec 6, 2024Updated last year
- ☆376Aug 7, 2023Updated 2 years ago
- Microsoft Applocker evasion tool☆39Nov 26, 2019Updated 6 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆611Feb 16, 2023Updated 3 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- ☆415Apr 28, 2021Updated 4 years ago
- Implementing Kerberoast attack fully in python☆72Sep 29, 2018Updated 7 years ago
- ☆198Mar 19, 2020Updated 5 years ago
- Microsoft365 Device Code Phishing Framework☆39Sep 4, 2021Updated 4 years ago
- LDAP library for auditing MS AD☆486Feb 11, 2026Updated 3 weeks ago
- A C# utility for interacting with SCCM☆682Aug 20, 2025Updated 6 months ago
- A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if …☆95Jun 6, 2024Updated last year
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago
- Powershell script for enumerating vulnerable DCOM Applications☆266Nov 30, 2018Updated 7 years ago
- Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely☆425Jul 27, 2022Updated 3 years ago
- Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.☆608Aug 5, 2022Updated 3 years ago
- Payload Generation Framework☆1,972Aug 21, 2024Updated last year
- ☆92Aug 23, 2021Updated 4 years ago