jwardsmith / Active-Directory-ExploitationLinks
This cheatsheet contains Active Directory (AD) exploitation techniques, showcasing methods used to identify and abuse misconfigurations or weaknesses within AD environments.
☆54Updated 2 years ago
Alternatives and similar repositories for Active-Directory-Exploitation
Users that are interested in Active-Directory-Exploitation are comparing it to the libraries listed below
Sorting:
- Find Microsoft Exchange instance for a given domain and identify the exact version☆188Updated 3 years ago
- MSSQL Database Attacker tool☆194Updated 3 years ago
- Lord Of Active Directory - automatic vulnerable active directory on AWS☆149Updated 2 years ago
- Retrieve AD accounts description and search for password in it☆82Updated 3 years ago
- A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.☆133Updated 2 years ago
- POC for CVE-2022-47966 affecting multiple ManageEngine products☆128Updated 3 years ago
- Exploit for the CVE-2023-23397☆160Updated 2 years ago
- A webshell application and interactive shell for pentesting Apache Tomcat servers.☆126Updated 11 months ago
- GUI alternative to the Rubeus command line tool, for all your Kerberos exploit requirements☆185Updated 4 years ago
- This code bypass AMSI by setting JE instruction to JNE in assembly of amsi.dll file☆36Updated 2 years ago
- Powershell version of SharpGPOAbuse☆90Updated 4 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆178Updated 2 years ago
- F5 BIG-IP RCE exploitation (CVE-2022-1388)☆87Updated 3 years ago
- Azure AD Password Checker☆86Updated last year
- CVE-2023-20198 Exploit PoC☆63Updated 2 years ago
- A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY☆89Updated 3 years ago
- ☆95Updated 3 years ago
- Python script for automating the creation of serverless cloud redirectors from Cobalt Strike malleable C2 profiles☆202Updated last year
- Active Directory password spraying tool. Auto fetches user list and avoids potential lockouts.☆131Updated 4 years ago
- PrintNightmare (CVE-2021-34527) PoC Exploit☆119Updated 3 years ago
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆115Updated 2 years ago
- ACL abuse swiss-knife☆127Updated 3 years ago
- Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.☆127Updated 2 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆186Updated 3 years ago
- A robust Red Team proxy written in Go.☆165Updated 4 years ago
- Apache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.☆56Updated 2 years ago
- Impacket is a collection of Python classes for working with network protocols.☆45Updated 4 years ago
- Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, a…☆111Updated 3 years ago
- Automating Juicy Potato Local Privilege Escalation CMD exploit for penetration testers.☆48Updated 3 years ago
- Exploiting CVE-2021-44228 in vCenter for remote code execution and more.☆109Updated 4 years ago