π©οΈ Collection of BloodHound queries for Azure
β84Jan 7, 2025Updated last year
Alternatives and similar repositories for azurehound-queries
Users that are interested in azurehound-queries are comparing it to the libraries listed below
Sorting:
- A small go tool to upload JSON files to the BloodHound community edition APIβ31May 29, 2024Updated last year
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policyβ167Nov 17, 2025Updated 3 months ago
- Abusing Azure services over C2β367Jan 20, 2026Updated last month
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSOβ237Aug 25, 2024Updated last year
- Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive dataβ73Oct 22, 2025Updated 4 months ago
- Info on how to use Kerberos KDC on a non-domain joined hostβ53Jul 31, 2024Updated last year
- Azure Post Exploitation Frameworkβ244Oct 27, 2025Updated 4 months ago
- β94Dec 9, 2025Updated 3 months ago
- Research into Undocumented Behavior of Azure AD Refresh Tokensβ13Oct 27, 2023Updated 2 years ago
- β26Feb 11, 2025Updated last year
- A fork of the great TokenTactics with support for CAE and token endpoint v2β394Feb 9, 2026Updated last month
- Azure DevOps Services Attack Toolkitβ150Mar 15, 2025Updated 11 months ago
- A small script that automates Entra ID persistence with Windows Hello For Business keyβ66Feb 16, 2025Updated last year
- β64Mar 14, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Direβ¦β863Feb 3, 2024Updated 2 years ago
- β215Mar 26, 2024Updated last year
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation β¦β13Apr 25, 2024Updated last year
- β18Jan 26, 2026Updated last month
- Azure Offensive Libraryβ17Oct 18, 2025Updated 4 months ago
- Parser and reconciliation tooling for large Active Directory environments.β33Feb 18, 2025Updated last year
- β160Jan 27, 2025Updated last year
- A bunch of shenanigans using functions, VEH and moreβ37Jun 8, 2025Updated 9 months ago
- Unix Process hollowing in rustβ22Dec 16, 2024Updated last year
- This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasionβ95Aug 23, 2025Updated 6 months ago
- β41Oct 8, 2024Updated last year
- A BloodHound collector for Microsoft Configuration Managerβ392Jul 7, 2025Updated 8 months ago
- β158Apr 17, 2024Updated last year
- SACL Scanner is a tool designed to scan and analyze SACLs.β51Feb 13, 2025Updated last year
- Dump processes over WMI with MSFT_MTProcessβ84Feb 13, 2026Updated 3 weeks ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkitβ165Dec 7, 2024Updated last year
- BloodHound Attack Research Kitβ585Mar 18, 2025Updated 11 months ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and β¦β384Jan 23, 2025Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness toolβ271Nov 12, 2024Updated last year
- This repository contains scripts about ACL abuse and any other active directory attacking methods.β36Aug 20, 2023Updated 2 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraftβ52May 16, 2024Updated last year
- A cross-platform tool to find traces of old SIDs remaining in LDAP objects of the Active Directoryβ25Jun 29, 2025Updated 8 months ago
- β15Jan 26, 2023Updated 3 years ago
- β33Feb 13, 2026Updated 3 weeks ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.β15Apr 4, 2023Updated 2 years ago