emiliensocchi / azurehound-queriesView external linksLinks
π©οΈ Collection of BloodHound queries for Azure
β82Jan 7, 2025Updated last year
Alternatives and similar repositories for azurehound-queries
Users that are interested in azurehound-queries are comparing it to the libraries listed below
Sorting:
- A small go tool to upload JSON files to the BloodHound community edition APIβ29May 29, 2024Updated last year
- Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policyβ167Nov 17, 2025Updated 3 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSOβ232Aug 25, 2024Updated last year
- Abusing Azure services over C2β368Jan 20, 2026Updated 3 weeks ago
- Tool to perform GCP Domain Wide Delegation abuse and access Gmail and Drive dataβ72Oct 22, 2025Updated 3 months ago
- Info on how to use Kerberos KDC on a non-domain joined hostβ53Jul 31, 2024Updated last year
- Azure Post Exploitation Frameworkβ244Oct 27, 2025Updated 3 months ago
- β94Dec 9, 2025Updated 2 months ago
- β26Feb 11, 2025Updated last year
- A fork of the great TokenTactics with support for CAE and token endpoint v2β385Feb 9, 2026Updated last week
- Azure DevOps Services Attack Toolkitβ150Mar 15, 2025Updated 11 months ago
- β63Mar 14, 2024Updated last year
- A small script that automates Entra ID persistence with Windows Hello For Business keyβ65Feb 16, 2025Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Direβ¦β859Feb 3, 2024Updated 2 years ago
- β216Mar 26, 2024Updated last year
- Azure Offensive Libraryβ17Oct 18, 2025Updated 3 months ago
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation β¦β13Apr 25, 2024Updated last year
- β18Jan 26, 2026Updated 3 weeks ago
- Parser and reconciliation tooling for large Active Directory environments.β33Feb 18, 2025Updated 11 months ago
- β40Oct 8, 2024Updated last year
- β160Jan 27, 2025Updated last year
- Unix Process hollowing in rustβ22Dec 16, 2024Updated last year
- A bunch of shenanigans using functions, VEH and moreβ37Jun 8, 2025Updated 8 months ago
- This is a GRE PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasionβ94Aug 23, 2025Updated 5 months ago
- A BloodHound collector for Microsoft Configuration Managerβ364Jul 7, 2025Updated 7 months ago
- β157Apr 17, 2024Updated last year
- β31Updated this week
- SACL Scanner is a tool designed to scan and analyze SACLs.β50Feb 13, 2025Updated last year
- Dump processes over WMI with MSFT_MTProcessβ81Updated this week
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkitβ165Dec 7, 2024Updated last year
- BloodHound Attack Research Kitβ584Mar 18, 2025Updated 10 months ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and β¦β379Jan 23, 2025Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness toolβ270Nov 12, 2024Updated last year
- This repository contains scripts about ACL abuse and any other active directory attacking methods.β36Aug 20, 2023Updated 2 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraftβ52May 16, 2024Updated last year
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.β15Apr 4, 2023Updated 2 years ago
- β15Jan 26, 2023Updated 3 years ago
- A cross-platform tool to find traces of old SIDs remaining in LDAP objects of the Active Directoryβ25Jun 29, 2025Updated 7 months ago
- A cross-platform tool to parse and describe the contents of a raw ntSecurityDescriptor structureβ47Oct 4, 2025Updated 4 months ago