Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)
☆346Mar 4, 2025Updated last year
Alternatives and similar repositories for OffensiveCloud
Users that are interested in OffensiveCloud are comparing it to the libraries listed below
Sorting:
- Azure Security Resources and Notes☆1,713Feb 17, 2026Updated 2 weeks ago
- TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts☆1,369Oct 22, 2025Updated 4 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆862Feb 3, 2024Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆738May 19, 2023Updated 2 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆374Sep 20, 2025Updated 5 months ago
- DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …☆568Jun 5, 2023Updated 2 years ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀☆1,128Oct 21, 2024Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,370Oct 27, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Collection of offensive tools targeting Microsoft Azure☆218Jan 18, 2023Updated 3 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago
- RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers…☆673Feb 17, 2026Updated 2 weeks ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- Azure and AWS Attacks☆1,114Nov 25, 2022Updated 3 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- ADCS abuser☆314Feb 6, 2023Updated 3 years ago
- User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin☆484Sep 24, 2025Updated 5 months ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- ☆185Dec 4, 2024Updated last year
- ☆252Sep 28, 2023Updated 2 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 2 years ago
- An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).☆418Jan 27, 2024Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- Ask a TGS on behalf of another user without password☆482Mar 30, 2025Updated 11 months ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆243Jan 4, 2023Updated 3 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆820Oct 27, 2023Updated 2 years ago
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆500Jan 23, 2023Updated 3 years ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Feb 18, 2026Updated 2 weeks ago
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,053Jan 22, 2026Updated last month
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆372Dec 9, 2022Updated 3 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆611Feb 16, 2023Updated 3 years ago
- Modified version of Pypykatz to print encrypted credentials☆56Dec 26, 2022Updated 3 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- Recovering NTLM hashes from Credential Guard☆377Dec 26, 2022Updated 3 years ago
- This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …☆2,475Dec 31, 2025Updated 2 months ago
- Automating situational awareness for cloud penetration tests.☆2,299Updated this week
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,263Mar 19, 2025Updated 11 months ago
- .NET implementation of Cobalt Strike's External C2 Spec☆89Nov 12, 2021Updated 4 years ago