idnahacks / AD_attack_defend_cheatsheet
A list of commands, tools and notes about enumerating and exploiting Active Directory and how to defend against these attacks
☆21Updated 3 years ago
Alternatives and similar repositories for AD_attack_defend_cheatsheet:
Users that are interested in AD_attack_defend_cheatsheet are comparing it to the libraries listed below
- Convert ldapdomaindump to Bloodhound☆79Updated last year
- A collection of tools Neil and Andy have been working on released in one place and interlinked with previous tools☆88Updated last year
- Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.☆38Updated last year
- ☆71Updated last year
- Python tool to find vulnerable AD object and generating csv report☆26Updated 2 years ago
- Azure pentesting reference for Altered Security Lab☆24Updated 3 years ago
- User enumeration and password spraying tool for testing Azure AD☆69Updated 3 years ago
- Discord C2 Profile for Mythic☆28Updated 2 months ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆91Updated 3 years ago
- Automation of Active Directory penetration testing tasks on top of BloodHound CE☆34Updated last year
- Scripts that automate portions of pentests.☆49Updated last week
- ☆44Updated 9 months ago
- ☆58Updated last week
- a simple powershell wrapper to automate checking a user's access around the network☆13Updated last year
- An Ansible collection that installs an ADFS deployment with optional configurations.☆29Updated 4 months ago
- A module for CME that spiders across a domain.☆35Updated 2 years ago
- ☆52Updated last year
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆56Updated last year
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- ☆12Updated 2 weeks ago
- Custom queries list for BloodHound☆24Updated 7 months ago
- Find Inbound Email Domains☆22Updated last year
- Get Fine Grained Password Policy☆70Updated last week
- Small utility to chunk up a large BloodHound JSON file into smaller files for importing.☆92Updated 2 years ago
- Bypass Constrained Language Mode in PowerShell☆27Updated 5 years ago
- A small script that automates Entra ID persistence with Windows Hello For Business key☆56Updated 2 months ago
- Red Teaming & Active Directory Cheat Sheet.☆40Updated last year
- ☆27Updated last year
- Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-ac…☆101Updated 9 months ago
- RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.☆57Updated 4 months ago