Powershell and python utilties for Entra Connect
☆29Jun 5, 2025Updated 9 months ago
Alternatives and similar repositories for ECUtilities
Users that are interested in ECUtilities are comparing it to the libraries listed below
Sorting:
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆85Apr 2, 2025Updated 11 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆78Oct 27, 2025Updated 4 months ago
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 9 months ago
- Aggressor Notification Scripts for cobaltstrike via slack & discord☆14Nov 27, 2025Updated 3 months ago
- Scripts to enumerate and report on Entra Conditional Access☆41Sep 5, 2025Updated 6 months ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆136Aug 23, 2025Updated 6 months ago
- Passworld is a fully customizable wordlist generator☆16Sep 13, 2024Updated last year
- adws enumeration bof☆169Feb 16, 2026Updated last month
- ☆160Apr 17, 2024Updated last year
- Lateral Movement Bof with MSI ODBC Driver Install☆147Sep 30, 2025Updated 5 months ago
- Repo hacks☆21Dec 7, 2025Updated 3 months ago
- A tool to interact with Kerberos to request, forge and convert various types of tickets in an Active Directory environment.☆67Jun 10, 2025Updated 9 months ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆95Mar 8, 2023Updated 3 years ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆47Jan 14, 2026Updated 2 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆438Jun 27, 2025Updated 8 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆22Feb 20, 2025Updated last year
- ☆17Jan 9, 2025Updated last year
- ☆50Jul 9, 2025Updated 8 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 5 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆168Sep 22, 2025Updated 5 months ago
- Advanced In-Memory PowerShell Process Injection Framework�☆73Jul 16, 2025Updated 8 months ago
- ☆215Dec 17, 2025Updated 3 months ago
- ☆41Oct 8, 2024Updated last year
- ☆35Updated this week
- Some stuff for PHD2021☆14May 21, 2025Updated 10 months ago
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆261Feb 21, 2025Updated last year
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 3 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Aug 19, 2021Updated 4 years ago
- ☆18Feb 29, 2024Updated 2 years ago
- results of scraping OneDrive from February 2022 - March 2025☆27Apr 29, 2025Updated 10 months ago