An implementation of PyADRecon using ADWS instead of LDAP. Generates individual CSV files and a single XSLX + HTML report about your AD domain. Evades EDR detections through ADWS.
☆35Updated this week
Alternatives and similar repositories for PyADRecon-ADWS
Users that are interested in PyADRecon-ADWS are comparing it to the libraries listed below
Sorting:
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Updated this week
- a minimalistic winrm client written in python☆25May 15, 2025Updated 9 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated 10 months ago
- adws enumeration bof☆167Feb 16, 2026Updated last week
- Extra cmdlets to help with quering security related information from Azure☆14Sep 16, 2024Updated last year
- NSecSoftBYOVD POC☆56Feb 12, 2026Updated 2 weeks ago
- A simple script to elevate current session to SYSTEM (needs to be run as Administrator)☆16Nov 11, 2024Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 7 months ago
- ☆31Aug 23, 2020Updated 5 years ago
- ☆32Feb 13, 2026Updated 2 weeks ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.☆102May 6, 2024Updated last year
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.☆42Dec 30, 2025Updated 2 months ago
- RDP Checker☆64Feb 23, 2024Updated 2 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments☆30Sep 17, 2025Updated 5 months ago
- Just another Process Injection using Process Hollowing technique.☆18Sep 18, 2023Updated 2 years ago
- ☆41Dec 24, 2025Updated 2 months ago
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports.☆24Jan 15, 2026Updated last month
- ☆16Nov 23, 2021Updated 4 years ago
- Simple PoCs for utilizing Windows syscalls in Go☆16Jan 13, 2021Updated 5 years ago
- A set of tools and resources for analysis of Havoc C2☆26Feb 27, 2024Updated 2 years ago
- P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming…☆33Jul 5, 2025Updated 7 months ago
- Basic brute-force script targeting the standard Keycloak Admin/User Console browser login flow.☆25Apr 6, 2025Updated 10 months ago
- Federated Office365 user enumeration based on correlated response trend analysis☆49May 3, 2022Updated 3 years ago
- Everything related to Cobalt Strike☆15Feb 3, 2020Updated 6 years ago
- ☆47Feb 12, 2026Updated 2 weeks ago
- aggregated repo for all conferences and talks I am giving☆17Oct 30, 2021Updated 4 years ago
- Enumerate the Domain for Readable and Writable Shares☆23Nov 14, 2025Updated 3 months ago
- Find kernel32 base and API addresses. Simple C++ implementation☆23Apr 7, 2022Updated 3 years ago
- Lateral Movement☆125Nov 14, 2023Updated 2 years ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 5 months ago
- Most Responder's configuration power in your hand.☆54Jan 19, 2025Updated last year
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- Slinky Cat attempts to give users an easy-to-navigate menu offering predefined Active Directory Service Interfaces (ADSI) and .NET querie…☆80Jul 12, 2023Updated 2 years ago
- Data exfiltration utility for testing detection capabilities☆56Jan 13, 2022Updated 4 years ago