Alternatives and similar repositories for BloodHound-AzureAD

Users that are interested in BloodHound-AzureAD are comparing it to the libraries listed below

• SadProcessor / CypherDog

  View on GitHub
  PoSh BloodHound Dog Whisperer
  ☆193May 23, 2023Updated 2 years ago
• dirkjanm / ROADtools

  View on GitHub
  A collection of Azure AD/Entra tools for offensive and defensive security purposes
  ☆2,515Feb 5, 2026Updated last week
• outflanknl / Spray-AD

  View on GitHub
  A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easy guessable passwords.
  ☆441Apr 1, 2022Updated 3 years ago
• rsmudge / ZeroLogon-BOF

  View on GitHub
  ☆163Apr 25, 2022Updated 3 years ago
• dirkjanm / ROADtoken

  View on GitHub
  ☆100Sep 30, 2020Updated 5 years ago
• Azure / Stormspotter

  View on GitHub
  Azure Red Team tool for graphing Azure and Azure Active Directory objects
  ☆1,685Jan 8, 2024Updated 2 years ago
• hausec / PowerZure

  View on GitHub
  PowerShell framework to assess Azure security
  ☆1,253Oct 18, 2025Updated 3 months ago
• dirkjanm / adconnectdump

  View on GitHub
  Dump Azure AD Connect credentials for Azure AD and Active Directory
  ☆779Aug 26, 2025Updated 5 months ago
• gremwell / o365enum

  View on GitHub
  Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.
  ☆292May 2, 2024Updated last year
• outflanknl / Recon-AD

  View on GitHub
  Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
  ☆331Oct 20, 2019Updated 6 years ago
• NetSPI / MicroBurst

  View on GitHub
  A collection of scripts for assessing Microsoft Azure security
  ☆2,300Oct 29, 2025Updated 3 months ago
• rxwx / spoolsystem

  View on GitHub
  Print Spooler Named Pipe Impersonation for Cobalt Strike
  ☆270Jun 13, 2020Updated 5 years ago
• Raikia / SharpStat

  View on GitHub
  C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely
  ☆38Jan 3, 2020Updated 6 years ago
• vysecurity / AggressorScripts-1

  View on GitHub
  Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
  ☆13Jun 24, 2018Updated 7 years ago
• djhohnstein / SharpSearch

  View on GitHub
  Search files for extensions as well as text within.
  ☆120Sep 28, 2021Updated 4 years ago
• ConstantinT / Lantern

  View on GitHub
  ☆23Nov 13, 2021Updated 4 years ago
• mandiant / ADFSDump

  View on GitHub
  ☆376Aug 7, 2023Updated 2 years ago
• mdsecactivebreach / RegistryStrikesBack

  View on GitHub
  ☆53Oct 20, 2020Updated 5 years ago
• mdsecactivebreach / o365-attack-toolkit

  View on GitHub
  A toolkit to attack Office365
  ☆1,114Nov 6, 2020Updated 5 years ago
• curi0usJack / rubeus2ccache

  View on GitHub
  Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
  ☆67Oct 3, 2020Updated 5 years ago
• rasta-mouse / CollectorService

  View on GitHub
  ☆54Apr 27, 2019Updated 6 years ago
• pkb1s / SharpAllowedToAct

  View on GitHub
  Computer object takeover through Resource-Based Constrained Delegation (msDS-AllowedToActOnBehalfOfOtherIdentity)
  ☆197Feb 1, 2021Updated 5 years ago
• dafthack / MSOLSpray

  View on GitHub
  A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the ac…
  ☆1,073Mar 19, 2024Updated last year
• dirkjanm / ldapdomaindump

  View on GitHub
  Active Directory information dumper via LDAP
  ☆1,365Apr 6, 2025Updated 10 months ago
• checkymander / Sharp-SMBExec

  View on GitHub
  SMBExec C# module
  ☆219Aug 21, 2020Updated 5 years ago
• vysecurity / AzureAppC2

  View on GitHub
  A script that can be deployed to Azure App for C2 / Proxy / Redirector
  ☆41May 17, 2019Updated 6 years ago
• rvrsh3ll / SharpExcel4-DCOM

  View on GitHub
  Port of Invoke-Excel4DCOM
  ☆104Oct 12, 2019Updated 6 years ago
• olafhartong / BHCEupload

  View on GitHub
  A small go tool to upload JSON files to the BloodHound community edition API
  ☆30May 29, 2024Updated last year
• bats3c / ADCSPwn

  View on GitHub
  A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certifica…
  ☆863Mar 20, 2023Updated 2 years ago
• mvelazc0 / PurpleSharp

  View on GitHub
  PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monit…
  ☆843Dec 17, 2024Updated last year
• outflanknl / Ps-Tools

  View on GitHub
  Ps-Tools, an advanced process monitoring toolkit for offensive operations
  ☆355Dec 1, 2020Updated 5 years ago
• anthemtotheego / SharpSploitConsole

  View on GitHub
  ☆182Feb 21, 2022Updated 3 years ago
• mdsecactivebreach / Chameleon

  View on GitHub
  Chameleon: A tool for evading Proxy categorisation
  ☆515Nov 28, 2024Updated last year
• nccgroup / azucar

  View on GitHub
  Security auditing tool for Azure environments
  ☆585Nov 4, 2022Updated 3 years ago
• mdsecactivebreach / lambda-webbugs

  View on GitHub
  A proof of concept for delivering webbugs via AWS lambda
  ☆46Sep 10, 2018Updated 7 years ago
• rasta-mouse / AsyncNamedPipes

  View on GitHub
  Send and receive messages over Named Pipes asynchronously.
  ☆39Sep 17, 2021Updated 4 years ago
• curtbraz / PhishingFromMS365API

  View on GitHub
  A Couple of Python Scripts Leveraging MS365's GraphAPI to Send Custom Calendar Events / Emails from Cheap O365 Accounts
  ☆18Apr 19, 2024Updated last year
• jnqpblc / Misc-PowerShell

  View on GitHub
  Miscellaneous PowerShell scripts for red team activities
  ☆16Jan 15, 2026Updated 3 weeks ago
• jnqpblc / SharpSpray

  View on GitHub
  SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobalt…
  ☆196Jun 30, 2019Updated 6 years ago