A cheatsheet of commands used to pass the CARTP (Certified Azure Red Team Professional) exam.
☆22May 4, 2023Updated 2 years ago
Alternatives and similar repositories for pentesting-azure-ad
Users that are interested in pentesting-azure-ad are comparing it to the libraries listed below
Sorting:
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 6 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆17Jun 3, 2025Updated 9 months ago
- Powershell Script to enumerate AzureAD and output good data☆14Nov 8, 2023Updated 2 years ago
- ☆13Mar 3, 2025Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆34Feb 1, 2026Updated last month
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆29Jul 25, 2023Updated 2 years ago
- A cheatsheet of tools and commands that I use to pentest Active Directory.☆52Mar 26, 2022Updated 3 years ago
- MLOps Attack Toolkit☆30Aug 25, 2025Updated 6 months ago
- Collection of templates for linux☆10Jun 2, 2024Updated last year
- A fast TCP/UDP tunnel over HTTP☆24Jan 9, 2025Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Collection of powershell scripts I used to complete my CARTP and CARTE courses.☆49Feb 27, 2026Updated last week
- ☆33Mar 19, 2025Updated 11 months ago
- A LAPS dumper written using the impacket library.☆32May 22, 2023Updated 2 years ago
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆61Apr 13, 2025Updated 10 months ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆36Nov 24, 2024Updated last year
- Lsass dumper evading (all ?) EDR detection☆49Nov 10, 2025Updated 3 months ago
- Malware detonation platform Polygon integration☆10Aug 1, 2023Updated 2 years ago
- Password spraying script and helper for creating password lists☆34Sep 4, 2020Updated 5 years ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- Versatile tool for managing wordlists☆11Jul 15, 2021Updated 4 years ago
- 内存加载FRP☆10Sep 11, 2023Updated 2 years ago
- This tool is a simple ffuf launcher which lets you select dynamically which wordlist and which extentions you want to fuzz.☆10Sep 10, 2025Updated 5 months ago
- Rapid Response sample Foundry app☆17Updated this week
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 6 months ago
- Azure APIs enumeration and abuse☆12Feb 26, 2026Updated last week
- runs sliver command on all hosts, partially based on example in sliver repo☆13Mar 23, 2024Updated last year
- ☆44Jul 5, 2024Updated last year
- ☆22Apr 28, 2025Updated 10 months ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- Apache Superset Auth Bypass (CVE-2023-27524)☆11May 9, 2023Updated 2 years ago
- Obtain emails using the LinkedIn Graph API☆11Oct 1, 2025Updated 5 months ago
- ☆10Aug 9, 2024Updated last year
- 腾讯安全沙龙 一 二 三 期PPT集合☆19May 24, 2025Updated 9 months ago
- Backport of SliverStager to work with DotNetToJScript for vba☆17Aug 9, 2024Updated last year
- 一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webs…☆12Dec 18, 2023Updated 2 years ago
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆28Jul 21, 2025Updated 7 months ago
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation …☆13Apr 25, 2024Updated last year