gladstomych / AHHHZUREView external linksLinks
AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts to brush up their cloud sec skills.
☆104Apr 22, 2024Updated last year
Alternatives and similar repositories for AHHHZURE
Users that are interested in AHHHZURE are comparing it to the libraries listed below
Sorting:
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆196Apr 14, 2024Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Oct 9, 2024Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33May 30, 2024Updated last year
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated last year
- Leak NTLM via Website tab in teams via MS Office☆78Mar 28, 2024Updated last year
- C2 Infrastructure Automation☆118Jun 21, 2025Updated 7 months ago
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- Abusing Azure services over C2☆368Jan 20, 2026Updated 3 weeks ago
- ☆82Apr 9, 2024Updated last year
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 10 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆97Oct 7, 2024Updated last year
- Claude MCP server to perform analysis on ROADrecon data☆48Mar 30, 2025Updated 10 months ago
- ☆63Mar 14, 2024Updated last year
- ☆47Jan 31, 2024Updated 2 years ago
- ☆567Mar 28, 2024Updated last year
- Exploit for CVE-2024-3273, supports single and multiple hosts☆13Apr 7, 2024Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆181May 19, 2025Updated 8 months ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆485Updated this week
- ☆59Oct 24, 2024Updated last year
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆232Aug 25, 2024Updated last year
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆31Jan 27, 2025Updated last year
- WAF bypass PoC☆50Oct 9, 2023Updated 2 years ago
- A python polymorphic engine for C programs☆12Dec 8, 2023Updated 2 years ago
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆125Dec 2, 2023Updated 2 years ago
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆80Apr 2, 2025Updated 10 months ago
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- 🌩️ Collection of BloodHound queries for Azure☆82Jan 7, 2025Updated last year
- A rapid HTTP downgrade smuggling scanner written in Go.☆311May 16, 2024Updated last year
- A Red Team Activity Hub☆235Feb 4, 2026Updated last week
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.☆45Jul 6, 2025Updated 7 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆376Jan 23, 2025Updated last year
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Sep 29, 2025Updated 4 months ago
- A Python POC for CRED1 over SOCKS5☆164Oct 5, 2024Updated last year
- Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…☆1,086Feb 4, 2026Updated last week
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 10 months ago
- ☆138Apr 20, 2023Updated 2 years ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆32Mar 8, 2025Updated 11 months ago