nccgroup/SteppingStones

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/nccgroup/SteppingStones)

nccgroup / SteppingStones

A Red Team Activity Hub

☆234

Alternatives and similar repositories for SteppingStones

Users that are interested in SteppingStones are comparing it to the libraries listed below

Sorting:

SpecterOps / Nemesis
View on GitHub
An offensive data enrichment pipeline
☆924Updated this week
dazzyddos / HSC24RedTeamInfra
View on GitHub
Slides and Codes used for the workshop Red Team Infrastructure Automation
☆193Apr 14, 2024Updated last year
outflanknl / edr-internals
View on GitHub
Tools for analyzing EDR agents
☆277Jun 10, 2024Updated last year
CCob / okta-terrify
View on GitHub
Okta Verify and Okta FastPass Abuse Tool
☆340Sep 4, 2024Updated last year
nettitude / SharpConflux
View on GitHub
☆65Mar 15, 2024Updated last year
trustedsec / specula
View on GitHub
☆232Jun 10, 2025Updated 8 months ago
FalconForceTeam / SOAPHound
View on GitHub
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
☆862Feb 3, 2024Updated 2 years ago
Scorpion-Security-Labs / OpenHashAPI
View on GitHub
OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
☆13Oct 27, 2024Updated last year
spellshift / realm
View on GitHub
Realm is a cross platform Red Team engagement platform with a focus on automation and reliability.
☆598Updated this week
kozmer / aad-bofs
View on GitHub
☆138Nov 17, 2025Updated 3 months ago
Flangvik / Bobber
View on GitHub
Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
☆182Jun 9, 2024Updated last year
subat0mik / Misconfiguration-Manager
View on GitHub
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…
☆1,097Feb 20, 2026Updated last week
nbaertsch / AutoAppDomainHijack
View on GitHub
Automated .NET AppDomain hijack payload generation
☆129Feb 4, 2025Updated last year
Flangvik / TeamFiltration
View on GitHub
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
☆1,369Oct 22, 2025Updated 4 months ago
trustedsec / orpheus
View on GitHub
Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
☆412Mar 21, 2025Updated 11 months ago
CICADA8-Research / RemoteKrbRelay
View on GitHub
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
☆637May 8, 2025Updated 9 months ago
coffeegist / bofhound
View on GitHub
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
☆362Jan 29, 2026Updated last month
Mayyhem / Maestro
View on GitHub
Abusing Azure services over C2
☆367Jan 20, 2026Updated last month
trustedsec / The_Shelf
View on GitHub
Retired TrustedSec Capabilities
☆248Jan 5, 2026Updated 2 months ago
naksyn / Pyramid
View on GitHub
a tool to help operate in EDRs' blind spots
☆767Dec 2, 2024Updated last year
ricardojoserf / NativeDump
View on GitHub
Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)
☆701May 7, 2025Updated 9 months ago
garrettfoster13 / sccmhunter
View on GitHub
SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…
☆892Feb 18, 2026Updated 2 weeks ago
c3c / ADExplorerSnapshot
View on GitHub
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…
☆1,053Jan 22, 2026Updated last month
0xEr3bus / RdpStrike
View on GitHub
Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
☆250Jun 11, 2024Updated last year
Malcrove / SeamlessPass
View on GitHub
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
☆237Aug 25, 2024Updated last year
xforcered / ADOKit
View on GitHub
Azure DevOps Services Attack Toolkit
☆313Mar 15, 2025Updated 11 months ago
SafeBreach-Labs / DoubleDrive
View on GitHub
A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
☆127May 28, 2024Updated last year
rvrsh3ll / TokenTactics
View on GitHub
Azure JWT Token Manipulation Toolset
☆716Dec 6, 2024Updated last year
Flangvik / QRucible
View on GitHub
Python utility that generates "imageless" QR codes in various formats
☆137Aug 10, 2024Updated last year
werdhaihai / AtlasReaper
View on GitHub
A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
☆271Sep 14, 2023Updated 2 years ago
dafthack / GraphRunner
View on GitHub
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
☆1,256Jul 22, 2025Updated 7 months ago
RedByte1337 / GraphSpy
View on GitHub
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
☆1,033Dec 31, 2025Updated 2 months ago
kyleavery / Multi-Stage-Mythic
View on GitHub
☆27Aug 8, 2021Updated 4 years ago
EspressoCake / BOF_NativeAPI_Definitions-VSCode
View on GitHub
A VSCode plugin to assist with BOF development.
☆37Aug 14, 2024Updated last year
EvanMcBroom / lsa-whisperer
View on GitHub
Tools for interacting with authentication packages using their individual message protocols
☆403Feb 1, 2026Updated last month
logangoins / Cable
View on GitHub
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
☆400Jul 23, 2025Updated 7 months ago
nettitude / TokenCert
View on GitHub
TokenCert
☆102Nov 15, 2024Updated last year
synacktiv / captaincredz
View on GitHub
CaptainCredz is a modular and discreet password-spraying tool.
☆134Jul 22, 2025Updated 7 months ago
absolomb / FindMeAccess
View on GitHub
☆207Dec 17, 2025Updated 2 months ago