Utilities for Pentesting with BloodHound
☆22Feb 20, 2026Updated last week
Alternatives and similar repositories for bloodhoundcli
Users that are interested in bloodhoundcli are comparing it to the libraries listed below
Sorting:
- Extract registry and NTDS secrets from local or remote disk images☆45Mar 15, 2025Updated 11 months ago
- runs sliver command on all hosts, partially based on example in sliver repo☆13Mar 23, 2024Updated last year
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Shellcode execution via x86 inline assembly based on MSVC syntax☆17Apr 26, 2023Updated 2 years ago
- Active Directory Authentication Library☆91Nov 7, 2025Updated 3 months ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later☆96May 9, 2023Updated 2 years ago
- ☆79Sep 8, 2025Updated 5 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- A simple tool to identify WDS servers in Active Directory☆32Aug 25, 2025Updated 6 months ago
- A cross-platform tool to parse and describe the contents of a raw ntSecurityDescriptor structure☆47Oct 4, 2025Updated 4 months ago
- UAC Bypass using RequestTrace scheduled task☆23Mar 13, 2025Updated 11 months ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Updated this week
- Cs-Sleep-Mask-Fiber☆18May 16, 2025Updated 9 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Tool to obtain hash using MS-SNTP for user accounts☆29Jan 22, 2025Updated last year
- Hiding your infrastructure from the boys in blue.☆23Oct 18, 2021Updated 4 years ago
- Automatically run and populate a new instance of BH CE☆115Jan 30, 2026Updated last month
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆63Aug 25, 2022Updated 3 years ago
- Python tool to interact with WMI StdRegProv☆60Nov 19, 2024Updated last year
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun…☆22May 31, 2024Updated last year
- Asynchronous NFSv3 client in pure Python☆28Jul 16, 2025Updated 7 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆164Jan 23, 2026Updated last month
- A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks☆182Aug 16, 2025Updated 6 months ago
- ☆568Mar 28, 2024Updated last year
- ☆126Jan 23, 2025Updated last year
- Caesar-Cipher based encryption☆29Mar 1, 2021Updated 5 years ago
- ☆50Jul 9, 2025Updated 7 months ago
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again)☆129Oct 23, 2025Updated 4 months ago
- Generate and Manage KeyCredentialLinks☆248Jan 30, 2026Updated last month
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Aug 16, 2024Updated last year
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆36Apr 24, 2025Updated 10 months ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Table of AD and Azure assets and whether they belong to Tier Zero☆26Sep 12, 2023Updated 2 years ago
- A small go tool to upload JSON files to the BloodHound community edition API☆29May 29, 2024Updated last year