mburrough/pentestingazureapps external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mburrough/pentestingazureapps

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mburrough/pentestingazureapps)

Close

mburrough / pentestingazureappsView on GitHubMore

• External links
• Readme badge

Script samples from the book Pentesting Azure Applications (2018, No Starch Press)

☆88Jan 31, 2019Updated 7 years ago

Alternatives and similar repositories for pentestingazureapps

Users that are interested in pentestingazureapps are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MrTaherAmine / pentest-management

  View on GitHub
  Simple webinterface combining different recon tools.
  ☆12Mar 2, 2018Updated 8 years ago
• nccgroup / azucar

  View on GitHub
  Security auditing tool for Azure environments
  ☆583Nov 4, 2022Updated 3 years ago
• NetSPI / MicroBurst

  View on GitHub
  A collection of scripts for assessing Microsoft Azure security
  ☆2,374Mar 15, 2026Updated last month
• cosmoscrew / ssrf-playground

  View on GitHub
  A playground to practice SSRF Attacks against web apps
  ☆17Oct 15, 2018Updated 7 years ago
• hausec / PowerZure

  View on GitHub
  PowerShell framework to assess Azure security
  ☆1,272Oct 18, 2025Updated 6 months ago
• Open source password manager - Proton Pass • Ad
  Securely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
• slyd0g / SharpRoast-Parser

  View on GitHub
  Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.
  ☆32Feb 28, 2019Updated 7 years ago
• talmaor / AzureADLateralMovement

  View on GitHub
  Lateral Movement graph for Azure Active Directory
  ☆127Dec 8, 2022Updated 3 years ago
• dirkjanm / adconnectdump

  View on GitHub
  Dump Azure AD Connect credentials for Azure AD and Active Directory
  ☆792Aug 26, 2025Updated 8 months ago
• cyndicatelabs / brc4_profile_maker

  View on GitHub
  An interactive TUI tool to create Brute Ratel C4 profiles based on BURP browsing data.
  ☆32May 23, 2025Updated 11 months ago
• leechristensen / RequestAADRefreshToken

  View on GitHub
  ☆158Dec 14, 2023Updated 2 years ago
• 0xRedpoll / ludus_cobaltstrike_teamserver

  View on GitHub
  Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
  ☆18Mar 19, 2025Updated last year
• FSecureLABS / Azurite

  View on GitHub
  Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
  ☆254Feb 20, 2019Updated 7 years ago
• MartinIngesen / MSOLSpray

  View on GitHub
  A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if …
  ☆95Jun 6, 2024Updated last year
• Azure / Stormspotter

  View on GitHub
  Azure Red Team tool for graphing Azure and Azure Active Directory objects
  ☆1,701Jan 8, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• chryzsh / chryzsh.github.io

  View on GitHub
  Windows stuff
  ☆16Feb 5, 2020Updated 6 years ago
• mikesiegel / ews-crack

  View on GitHub
  ☆140Dec 31, 2019Updated 6 years ago
• NetSPI / DAFT

  View on GitHub
  DAFT: Database Audit Framework & Toolkit
  ☆184Aug 11, 2021Updated 4 years ago
• JohnWoodman / VBA-Macro-Projects

  View on GitHub
  This repository is a collection of my malicious VBA projects.
  ☆119Feb 13, 2021Updated 5 years ago
• zxsecurity / glugger

  View on GitHub
  The fastest (and least featureful) DNS bruteforcer in the South
  ☆27Dec 31, 2019Updated 6 years ago
• FalconForceTeam / reply-url-brute

  View on GitHub
  Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure
  ☆15Jan 23, 2025Updated last year
• dirkjanm / ROADtools

  View on GitHub
  A collection of Azure AD/Entra tools for offensive and defensive security purposes
  ☆2,598Feb 5, 2026Updated 3 months ago
• ustayready / ShredHound

  View on GitHub
  Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
  ☆97Apr 13, 2023Updated 3 years ago
• SadProcessor / CypherDog

  View on GitHub
  PoSh BloodHound Dog Whisperer
  ☆193May 23, 2023Updated 2 years ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• SadProcessor / WatchDog

  View on GitHub
  BloodHound Data Scanner
  ☆45Jul 7, 2020Updated 5 years ago
• kmkz / Pentesting

  View on GitHub
  Tricks for penetration testing
  ☆587Apr 22, 2026Updated 2 weeks ago
• curi0usJack / rubeus2ccache

  View on GitHub
  Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
  ☆67Oct 3, 2020Updated 5 years ago
• cyberark / BlobHunter

  View on GitHub
  Find exposed data in Azure with this public blob scanner
  ☆353Jul 7, 2024Updated last year
• RedSiege / CLM-Base64

  View on GitHub
  This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode
  ☆27Jun 25, 2024Updated last year
• mandiant / ADFSDump

  View on GitHub
  ☆384Aug 7, 2023Updated 2 years ago
• anshumanbh / merge-nmap-masscan

  View on GitHub
  Merge results from NMAP and Masscan into one CSV file
  ☆18Jun 19, 2018Updated 7 years ago
• Static-Flow / CloudCopy

  View on GitHub
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆123Nov 2, 2019Updated 6 years ago
• iamagarre / BadExclusions

  View on GitHub
  BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR
  ☆21Feb 8, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• morRubin / AzureADJoinedMachinePTC

  View on GitHub
  Tool to perform lateral movement between AAD joined devices
  ☆66Jun 8, 2022Updated 3 years ago
• PaulHCode / RecurringADChecks

  View on GitHub
  ☆13Feb 10, 2022Updated 4 years ago
• slygoo / pssrecon

  View on GitHub
  ☆42Oct 8, 2024Updated last year
• FSecureLABS / N1QLMap

  View on GitHub
  The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.
  ☆76Sep 2, 2020Updated 5 years ago
• staaldraad / troopers19

  View on GitHub
  All the content from my Troopers 19 talk
  ☆12Mar 20, 2019Updated 7 years ago
• Aetsu / OffensivePipeline

  View on GitHub
  OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…
  ☆820Oct 27, 2023Updated 2 years ago
• C-Sto / Jaqen

  View on GitHub
  ☆20Jan 25, 2019Updated 7 years ago