A tool to interact with Kerberos to request, forge and convert various types of tickets in an Active Directory environment.
☆68Jun 8, 2026Updated this week
Alternatives and similar repositories for kerbtool
Users that are interested in kerbtool are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆41Dec 8, 2023Updated 2 years ago
- Powershell and python utilties for Entra Connect☆29Jun 5, 2025Updated last year
- tool for enumeration & bulk download of sensitive files found in SharePoint environments☆86Apr 2, 2025Updated last year
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- ☆21Feb 6, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆177May 13, 2024Updated 2 years ago
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆366Dec 13, 2025Updated 6 months ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆37Dec 12, 2025Updated 6 months ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆21Jul 27, 2024Updated last year
- Collection of many ldap bofs for domain enumeration and privilege escalation. Created for use with the Adaptix C2.☆98Dec 15, 2025Updated 5 months ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- ☆112Apr 23, 2026Updated last month
- Local SYSTEM auth trigger for relaying☆172Jul 22, 2025Updated 10 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆160Nov 2, 2025Updated 7 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Smuggle a file to a user's browser☆20Apr 16, 2022Updated 4 years ago
- Convert an LDIF file to JSON files ingestible by BloodHound☆46May 20, 2026Updated 3 weeks ago
- Shellcode reflective DLL injection in Rust☆30May 3, 2026Updated last month
- ☆42Oct 8, 2024Updated last year
- MSBuild without MSbuild.exe☆135Dec 21, 2020Updated 5 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 6 months ago
- Automatically run and populate a new instance of BH CE☆124Jan 30, 2026Updated 4 months ago
- ☆110Updated this week
- SOAPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) through a SOCKS5 pr…☆202Jun 6, 2026Updated last week
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A Python POC for CRED1 over SOCKS5☆171Oct 5, 2024Updated last year
- Generate and Manage KeyCredentialLinks☆256Jun 2, 2026Updated last week
- Tool for interacting with outlook interop during red team engagements☆145Jun 29, 2021Updated 4 years ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆358Nov 19, 2024Updated last year
- A C# tool for extracting information from SCCM PXE boot media.☆57May 21, 2026Updated 3 weeks ago
- ☆65Mar 15, 2024Updated 2 years ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆81Oct 27, 2025Updated 7 months ago
- Hiding your infrastructure from the boys in blue.☆23Oct 18, 2021Updated 4 years ago
- PowerShell scripts to create sandboxed or vulnerable environments using HyperV and AutomatedLab☆96Mar 12, 2026Updated 3 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- SharpBuster is a C# implementation of a directory brute forcing tool. It's designed to be used via Cobalt Strike's execute-assembly and s…☆64Sep 2, 2020Updated 5 years ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆215Feb 16, 2026Updated 3 months ago
- ☆248May 5, 2024Updated 2 years ago
- Create file system symbolic links from low privileged user accounts within PowerShell☆95Jun 20, 2022Updated 3 years ago
- LoadLibrary for offensive operations☆31Dec 14, 2021Updated 4 years ago
- ☆107Jul 31, 2024Updated last year
- A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024☆16Sep 12, 2024Updated last year