Alternatives and similar repositories for bad_guest:

Users that are interested in bad_guest are comparing it to the libraries listed below

• whokilleddb / SOAPHound
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆33Updated 11 months ago
• heartburn-dev / PKI-Escalate
  Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…
  ☆25Updated last year
• nullenc0de / Internal_Pentest
  Scripts that automate portions of pentests.
  ☆50Updated last week
• skelsec / adiskreader-secretsdump
  Extract registry and NTDS secrets from local or remote disk images
  ☆40Updated last month
• synacktiv / AADOutsider-py
  Python3 rewrite of AsOutsider features of AADInternals
  ☆45Updated 4 months ago
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆37Updated 5 months ago
• emptynebuli / dauthi
  dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…
  ☆41Updated last year
• dunderhay / entraspray
  Password spraying tool for Microsoft Online accounts (Entra/Azure/O365)
  ☆31Updated last year
• xpn / malIDP
  ☆13Updated last year
• myexploit / living_off_the_land
  ☆44Updated 10 months ago
• synacktiv / kcmdump
  Dump Kerberos tickets from the KCM database of SSSD
  ☆50Updated 7 months ago
• Mr-Un1k0d3r / MsGraphFunzy
  Scripts to interact with Microsoft Graph APIs
  ☆36Updated 5 months ago
• ImpostorKeanu / eavesarp-ng
  ☆27Updated this week
• Tw1sm / pyldapsearch
  Tool for issuing manual LDAP queries which offers bofhound compatible output
  ☆21Updated 2 months ago
• atomicchonk / roadrecon_mcp_server
  Claude MCP server to perform analysis on ROADrecon data
  ☆36Updated last month
• milosilo / DLL-Proxy-Hijacking-Microsoft-Teams
  Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLS using Microsoft Teams as an example
  ☆14Updated 4 years ago
• 0xB455 / ActiveSyncBruter
  ☆23Updated 2 months ago
• GeorgePatsias / AskCreds-CS
  A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.
  ☆14Updated 2 years ago
• OffsecDeer / TargetedTimeroast
  Tamper Active Directory user attributes to collect their hashes with MS-SNTP
  ☆25Updated 3 months ago
• OtterHacker / ShareFouine
  ☆50Updated 6 months ago
• Leo4j / PowerDACL
  A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)
  ☆57Updated 4 months ago
• Acceis / bqm
  Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.
  ☆38Updated last year
• nyxgeek / autodiscover_enum
  time-based user enum via Basic Auth in Azure against Autodiscover
  ☆32Updated 7 months ago
• surajpkhetani / Active-Directory-Permission-Abuse
  ☆12Updated 2 years ago
• 4ndr34z / prenum
  ☆27Updated last year
• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆56Updated last year
• WafflesExploits / Bloodhound-query-legacy2ce
  A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …
  ☆26Updated 3 months ago
• scottctaylor12 / Red-Lambda
  Leveraging AWS Lambda Function URLs for C2 Redirection
  ☆31Updated last year
• ToweringDragoon / SACL_Scanner
  SACL Scanner is a tool designed to scan and analyze SACLs.
  ☆38Updated 2 months ago
• SySS-Research / ldif2bloodhound
  Convert an LDIF file to JSON files ingestible by BloodHound
  ☆42Updated last month