f-bader / TokenTacticsV2

Related projects ⓘ

Alternatives and complementary repositories for TokenTacticsV2

• Mayyhem / Maestro
  Abusing Intune for Lateral Movement over C2
  ☆266Updated last week
• LuemmelSec / Custom-BloodHound-Queries
  ☆171Updated 9 months ago
• SpecterOps / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆189Updated this week
• techspence / ADeleginator
  A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory
  ☆151Updated last month
• joeavanzato / RetrievIR
  PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
  ☆91Updated 2 months ago
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆96Updated 2 years ago
• mvelazc0 / msInvader
  M365/Azure adversary simulation tool designed to simulate adversary techniques and generate attack telemetry.
  ☆111Updated 6 months ago
• secureworks / family-of-client-ids-research
  Research into Undocumented Behavior of Azure AD Refresh Tokens
  ☆223Updated 8 months ago
• improsec / ImproHound
  Identify the attack paths in BloodHound breaking your AD tiering
  ☆307Updated 2 years ago
• sse-secure-systems / TeamsEnum
  User Enumeration of Microsoft Teams users via API
  ☆117Updated 7 months ago
• zolderio / AITMWorker
  Proof of concept: using a Cloudflare worker for AITM attacks
  ☆89Updated 7 months ago
• Malcrove / SeamlessPass
  A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
  ☆129Updated 2 months ago
• h4wkst3r / ADOKit
  Azure DevOps Services Attack Toolkit
  ☆125Updated 3 months ago
• absolomb / FindMeAccess
  ☆46Updated 7 months ago
• HackmichNet / AzTokenFinder
  ☆104Updated last year
• csandker / Azure-AccessPermissions
  ☆105Updated last year
• RedByte1337 / GraphSpy
  Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
  ☆532Updated 3 months ago
• netwrix / PingCastleCloud
  Audit program for AzureAD
  ☆145Updated last year
• LuccaSA / PingCastle-Notify
  Monitor your PingCastle scans to highlight the rule diff between two scans
  ☆107Updated 3 months ago
• doredry / TokenFinder
  Tool to extract powerful tokens from Office desktop apps memory
  ☆67Updated 8 months ago
• mlcsec / Graphpython
  Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit
  ☆130Updated 3 months ago
• olafhartong / DefenderHarvester
  Expose a lot of MDE telemetry that is not easily accessible in any searchable form
  ☆99Updated 3 months ago
• MzHmO / PowershellKerberos
  Some scripts to abuse kerberos using Powershell
  ☆312Updated last year
• FuzzySecurity / SANS-HackFest-2023
  ☆47Updated 11 months ago
• wunderwuzzi23 / ropci
  So, you think you have MFA? AAD/ROPC/MFA bypass testing tool
  ☆98Updated last year
• SySS-Research / azurenum
  Enumerate Microsoft Entra ID (Azure AD) fast
  ☆86Updated 3 months ago
• secureworks / TokenMan
  ☆98Updated 2 years ago
• nheiniger / SnaffPoint
  A tool for pointesters to find candies in SharePoint
  ☆237Updated 2 years ago
• MWR-CyberSec / PXEThief
  PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configur…
  ☆315Updated 5 months ago
• Tanguy-Boisset / bloodhound-automation
  Automatically run and populate a new instance of BH CE
  ☆48Updated 3 weeks ago