Alternatives and similar repositories for ImproHound

Users that are interested in ImproHound are comparing it to the libraries listed below

• nheiniger / SnaffPoint
  A tool for pointesters to find candies in SharePoint
  ☆262Updated 2 years ago
• LuemmelSec / Custom-BloodHound-Queries
  ☆179Updated 8 months ago
• mgeeky / AzureRT
  AzureRT - A Powershell module implementing various Azure Red Team tactics
  ☆235Updated 3 years ago
• SpecterOps / presentations
  SpecterOps Presentations
  ☆206Updated last month
• Semperis / GoldenGMSA
  GolenGMSA tool for working with GMSA passwords
  ☆163Updated this week
• 0xJs / CARTP-cheatsheet
  Azure AD cheatsheet for the CARTP course
  ☆130Updated 3 years ago
• puzzlepeaches / msprobe
  Finding all things on-prem Microsoft for password spraying and enumeration.
  ☆257Updated 3 years ago
• Qazeer / FarsightAD
  PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory …
  ☆95Updated last month
• paranoidninja / O365-Doppelganger
  A quick handy script to harvest credentials off of a user during a Red Team and get execution of a file from the user
  ☆259Updated 3 years ago
• cfalta / PoshADCS
  A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)
  ☆191Updated 4 years ago
• lkarlslund / deploy-goad
  Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04
  ☆115Updated last year
• MzHmO / PowershellKerberos
  Some scripts to abuse kerberos using Powershell
  ☆342Updated 2 years ago
• idnahacks / GoodHound
  Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
  ☆469Updated last year
• netwrix / PingCastleCloud
  Audit program for AzureAD
  ☆150Updated 2 years ago
• improsec / Get-bADpasswords
  Get insights into the actual strength and quality of passwords in Active Directory.
  ☆155Updated last year
• sse-secure-systems / TeamsEnum
  User Enumeration of Microsoft Teams users via API
  ☆163Updated last year
• garrettfoster13 / aced
  ☆184Updated 9 months ago
• t3hbb / DefenderCheck
  Identifies the bytes that Microsoft Defender flags on.
  ☆89Updated 3 years ago
• trustedsec / User-Behavior-Mapping-Tool
  ☆165Updated 2 years ago
• mtth-bfft / adeleg
  Active Directory delegation management tool
  ☆318Updated 2 years ago
• SadProcessor / HandsOnBloodHound
  Material for the "Hands-On BloodHound" Workshop
  ☆109Updated 4 years ago
• Mayyhem / Maestro
  Abusing Azure services over C2
  ☆351Updated 2 months ago
• trustedsec / SeeYouCM-Thief
  ☆190Updated 2 years ago
• treebuilder / aad-sso-enum-brute-spray
  POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
  ☆191Updated 3 years ago
• 1njected / CMLoot
  Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares
  ☆177Updated 2 years ago
• dirkjanm / ROADtoken
  ☆93Updated 4 years ago
• kaluche / bloodhound-quickwin
  Simple script to extract useful informations from the combo BloodHound + Neo4j
  ☆252Updated 4 months ago
• trustedsec / orpheus
  Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
  ☆397Updated 5 months ago
• 0xJs / domain_audit
  Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.
  ☆168Updated last month
• Z4kSec / Masky
  Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory
  ☆397Updated last week