Alternatives and similar repositories for Active-Directory-Recon:

Users that are interested in Active-Directory-Recon are comparing it to the libraries listed below

• eversinc33 / CredGuess
  Generate password spraying lists based on the pwdLastSet-attribute of users.
  ☆55Updated last year
• IAMinZoho / OFFSEC-PowerShell
  My Favorite Offensive Security Scripts
  ☆66Updated last year
• AssuranceMaladieSec / AD-description-password-finder
  Retrieve AD accounts description and search for password in it
  ☆83Updated 2 years ago
• foxlox / hypobrychium
  Duplicate not owned Token from Running Process
  ☆72Updated last year
• myexploit / living_off_the_land
  ☆43Updated 7 months ago
• mertdas / SharpLateral
  Lateral Movement
  ☆122Updated last year
• sse-secure-systems / Active-Directory-Spotlights
  ☆35Updated last year
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆168Updated 2 years ago
• Leo4j / Invoke-SMBRemoting
  Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
  ☆158Updated 2 months ago
• dadevel / mssql-spider
  Automated exploitation of MSSQL servers at scale
  ☆106Updated 3 weeks ago
• CCob / gssapi-abuse
  A tool for enumerating potential hosts that are open to GSSAPI abuse within Active Directory networks
  ☆148Updated last year
• SpecterOps / bloodhound-cli
  ☆43Updated 3 weeks ago
• ananth-she11z / AutoSQL
  A tool to enumerate and exploit SQL Servers in AD
  ☆34Updated last year
• Acceis / bqm
  Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.
  ☆36Updated 10 months ago
• alperenugurlu / Nac_Bypass_Agent
  This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the …
  ☆73Updated last year
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆56Updated 3 months ago
• Hagrid29 / AbuseAzureAPIPermissions
  Abuse Azure API permissions for red teaming
  ☆61Updated 2 years ago
• emiliensocchi / azurehound-queries
  🌩️ Collection of BloodHound queries for Azure
  ☆57Updated last month
• powerseb / PowerExtract
  ☆113Updated last year
• arth0sz / Practice-AD-CS-Domain-Escalation
  Introductory guide on the configuration and subsequent exploitation of Active Directory Certificate Services with Certipy. Based on the w…
  ☆114Updated last year
• icyguider / NewPowerDNS
  Updated version of PowerDNS by @domchell. Adds support for transfers over DNS A records and a few other useful features.
  ☆82Updated last year
• yehia-mamdouh / Shell3er
  PowerShell Reverse Shell
  ☆61Updated last year
• spyr0-sec / AutomatedBadLab
  PowerShell scripts to create sandboxed or vulnerable environments using HyperV and AutomatedLab
  ☆76Updated 2 weeks ago
• WafflesExploits / Bloodhound-query-legacy2ce
  A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …
  ☆22Updated last month
• h4wkst3r / ADOKit
  Azure DevOps Services Attack Toolkit
  ☆137Updated 6 months ago
• The-Viper-One / Invoke-RDPThief
  Inject RDPThief into memory with PowerShell.
  ☆60Updated last month
• SpecterOps / cred1py
  A Python POC for CRED1 over SOCKS5
  ☆139Updated 4 months ago
• LaresLLC / SlinkyCat
  Slinky Cat attempts to give users an easy-to-navigate menu offering predefined Active Directory Service Interfaces (ADSI) and .NET querie…
  ☆78Updated last year
• Yeeb1 / SharpLansweeperDecrypt
  Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.
  ☆35Updated 2 months ago
• MWR-CyberSec / AD-CS-Forest-Exploiter
  Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise
  ☆89Updated last year