Alternatives and similar repositories for bloodhound-cli

Users that are interested in bloodhound-cli are comparing it to the libraries listed below

• BronzeBee / DavRelayUp
  An old Windows workstations LPE for domain environments without LDAP signing/channel binding.
  ☆34Updated 2 years ago
• scottctaylor12 / Red-Lambda
  Leveraging AWS Lambda Function URLs for C2 Redirection
  ☆35Updated last year
• WafflesExploits / Bloodhound-query-legacy2ce
  A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …
  ☆27Updated 4 months ago
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆47Updated 5 months ago
• GeisericII / Winpacket
  Impacket pre-compiled binaries
  ☆16Updated last year
• n00py / GetFGPP
  Get Fine Grained Password Policy
  ☆70Updated last month
• shelltrail / cmloot
  ☆48Updated last year
• SySS-Research / ldif2bloodhound
  Convert an LDIF file to JSON files ingestible by BloodHound
  ☆42Updated 2 months ago
• csandker / pxethiefy
  ☆61Updated 4 months ago
• ghost-ng / slinger
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆48Updated 3 weeks ago
• morRubin / NegoExRelay
  ☆88Updated 2 years ago
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆49Updated last month
• 0xe7 / RoastInTheMiddle
  ☆71Updated last year
• sud0Ru / NauthNRPC
  Enumerate Domain Users Without Authentication
  ☆34Updated last month
• ibaiC / MFade
  A python port of @dafthack's MFAsweep with some added OPSEC functionality. MFAde can be used to find single-factor authentication failure…
  ☆39Updated 3 months ago
• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆56Updated 3 years ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆74Updated 2 years ago
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆149Updated 7 months ago
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆37Updated 6 months ago
• fortalice / pyldapsearch
  Tool for issuing manual LDAP queries which offers bofhound compatible output
  ☆52Updated last year
• LaresLLC / SuperSharpShares
  SuperSharpShares is a tool designed to automate enumerating domain shares, allowing for quick verification of accessible shares by your a…
  ☆74Updated last year
• Dramelac / GoldenCopy
  Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.
  ☆93Updated last year
• dmcxblue / AzureFunctionRedirector
  ☆45Updated last month
• xpn / CloudInject
  ☆110Updated 6 months ago
• nyxgeek / autodiscover_enum
  time-based user enum via Basic Auth in Azure against Autodiscover
  ☆32Updated 8 months ago
• Acceis / bqm
  Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.
  ☆38Updated last year
• sagiol / Terms-of-What
  Terms of Use Conditional Access M365 Evilginx Phishlet
  ☆36Updated last month
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆50Updated 4 months ago
• xct / adopt
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆15Updated 2 years ago
• OtterHacker / ShareFouine
  ☆50Updated 7 months ago