Microsoft Graph API post-exploitation toolkit
☆95Jul 13, 2024Updated last year
Alternatives and similar repositories for SharpGraphView
Users that are interested in SharpGraphView are comparing it to the libraries listed below
Sorting:
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- Spoofing desktop login applications with WinForms and WPF☆177Feb 19, 2024Updated 2 years ago
- TokenCert☆102Nov 15, 2024Updated last year
- ☆65Mar 15, 2024Updated 2 years ago
- ☆100Sep 1, 2024Updated last year
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆166Dec 7, 2024Updated last year
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- ☆121Nov 21, 2024Updated last year
- ☆234Oct 8, 2024Updated last year
- Extract registry and NTDS secrets from local or remote disk images☆45Mar 15, 2025Updated last year
- A simple Toolkit to BF and decrypt Windows EntraId CacheData☆20Jun 20, 2024Updated last year
- ☆91May 15, 2024Updated last year
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆398Jul 23, 2025Updated 7 months ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆898Mar 11, 2026Updated last week
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Jul 16, 2025Updated 8 months ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆413Mar 21, 2025Updated 11 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 3 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆460Aug 2, 2024Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 3 months ago
- Click Once + App Domain☆67Feb 23, 2026Updated 3 weeks ago
- To audit the security of read-only domain controllers☆118Nov 27, 2023Updated 2 years ago
- A BloodHound collector for Microsoft Configuration Manager☆393Jul 7, 2025Updated 8 months ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆271Sep 14, 2023Updated 2 years ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 6 months ago
- Zipper, a CobaltStrike file and folder compression utility.☆222Jan 18, 2020Updated 6 years ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆164Nov 2, 2025Updated 4 months ago
- Abuse Azure API permissions for red teaming☆71Jan 24, 2023Updated 3 years ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆238Aug 25, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆346Nov 19, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago