nccgroup / SteppingStonesLinks
A Red Team Activity Hub
☆209Updated last week
Alternatives and similar repositories for SteppingStones
Users that are interested in SteppingStones are comparing it to the libraries listed below
Sorting:
- SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.☆230Updated 4 months ago
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆185Updated last year
- Everything and anything related to password spraying☆141Updated last year
- Azure mindmap for penetration tests☆185Updated last year
- RedInfraCraft automates the deployment of powerful red team infrastructures! It streamlines the setup of C2s, makes it easy to create adv…☆193Updated 2 months ago
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆176Updated 9 months ago
- Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit☆149Updated 6 months ago
- Continuous password spraying tool☆189Updated 3 months ago
- linikatz is a tool to attack AD on UNIX☆148Updated last year
- ☆159Updated last year
- ☆182Updated 7 months ago
- Make everyone in your VLAN ASRep roastable☆198Updated 3 months ago
- ☆177Updated last month
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆221Updated last month
- ☆199Updated last week
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆310Updated 7 months ago
- Azure AD cheatsheet for the CARTP course☆119Updated 3 years ago
- Lord Of Active Directory - automatic vulnerable active directory on AWS☆147Updated last year
- Custom Queries - Brought Up to BH4.1 syntax☆256Updated last month
- Impacket is a collection of Python classes for working with network protocols.☆283Updated 5 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆229Updated 2 months ago
- A cheatsheet for NetExec☆129Updated 2 weeks ago
- A tool to query for the existence of pre-windows 2000 computer objects.☆336Updated last month
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆172Updated last year
- Simple script to extract useful informations from the combo BloodHound + Neo4j☆250Updated 2 months ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆259Updated last year
- ☆169Updated 2 months ago
- Timeroasting scripts by Tom Tervoort☆290Updated last year
- peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.☆197Updated 2 months ago
- Offensive GPO dumping and analysis tool that leverages and enriches BloodHound data☆285Updated this week