Alternatives and similar repositories for family-of-client-ids-research

Users that are interested in family-of-client-ids-research are comparing it to the libraries listed below

• f-bader / TokenTacticsV2

  View on GitHub
  A fork of the great TokenTactics with support for CAE and token endpoint v2
  ☆385Feb 9, 2026Updated last week
• rvrsh3ll / TokenTactics

  View on GitHub
  Azure JWT Token Manipulation Toolset
  ☆713Dec 6, 2024Updated last year
• dirkjanm / ROADtools

  View on GitHub
  A collection of Azure AD/Entra tools for offensive and defensive security purposes
  ☆2,516Feb 5, 2026Updated last week
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆368Jan 20, 2026Updated 3 weeks ago
• Flangvik / TeamFiltration

  View on GitHub
  TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
  ☆1,368Oct 22, 2025Updated 3 months ago
• RedByte1337 / GraphSpy

  View on GitHub
  Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
  ☆1,030Dec 31, 2025Updated last month
• JumpsecLabs / TokenSmith

  View on GitHub
  TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …
  ☆379Jan 23, 2025Updated last year
• secureworks / BAADTokenBroker

  View on GitHub
  ☆116Jun 17, 2025Updated 8 months ago
• dafthack / GraphRunner

  View on GitHub
  A Post-exploitation Toolset for Interacting with the Microsoft Graph API
  ☆1,249Jul 22, 2025Updated 6 months ago
• secureworks / pytune

  View on GitHub
  ☆283Aug 14, 2025Updated 6 months ago
• Gerenios / AADInternals

  View on GitHub
  AADInternals PowerShell module for administering Azure AD and Office 365
  ☆1,584Sep 30, 2025Updated 4 months ago
• xpn / WAMBam

  View on GitHub
  Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
  ☆130Jan 14, 2023Updated 3 years ago
• secureworks / TokenMan

  View on GitHub
  ☆104Oct 27, 2022Updated 3 years ago
• dafthack / MFASweep

  View on GitHub
  A tool for checking if MFA is enabled on multiple Microsoft Services
  ☆1,631Mar 4, 2025Updated 11 months ago
• HackmichNet / AzTokenFinder

  View on GitHub
  ☆107Jan 4, 2023Updated 3 years ago
• rootsecdev / Azure-Red-Team

  View on GitHub
  Azure Security Resources and Notes
  ☆1,707Feb 2, 2026Updated 2 weeks ago
• garrettfoster13 / sccmhunter

  View on GitHub
  SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…
  ☆886Updated this week
• dirkjanm / roadtools_hybrid

  View on GitHub
  Hybrid AD utilities for ROADtools
  ☆107May 25, 2025Updated 8 months ago
• CCob / Shwmae

  View on GitHub
  ☆160Jan 27, 2025Updated last year
• mvelazc0 / BadZure

  View on GitHub
  BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…
  ☆485Feb 11, 2026Updated last week
• BloodHoundAD / BARK

  View on GitHub
  BloodHound Attack Research Kit
  ☆584Mar 18, 2025Updated 10 months ago
• Mayyhem / SharpSCCM

  View on GitHub
  A C# utility for interacting with SCCM
  ☆682Aug 20, 2025Updated 5 months ago
• nheiniger / SnaffPoint

  View on GitHub
  A tool for pointesters to find candies in SharePoint
  ☆278Nov 4, 2022Updated 3 years ago
• bugch3ck / SharpLdapWhoami

  View on GitHub
  WhoAmI by asking the LDAP service on a domain controller.
  ☆64Feb 8, 2022Updated 4 years ago
• leechristensen / RequestAADRefreshToken

  View on GitHub
  ☆156Dec 14, 2023Updated 2 years ago
• mlcsec / SharpGraphView

  View on GitHub
  Microsoft Graph API post-exploitation toolkit
  ☆95Jul 13, 2024Updated last year
• zh54321 / GraphPreConsentExplorer

  View on GitHub
  A comprehensive list of usable Entra ID first-party clients with pre-consented Microsoft Graph scopes, in a simple YAML-file explorable w…
  ☆148Nov 16, 2025Updated 3 months ago
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆244Oct 27, 2025Updated 3 months ago
• subat0mik / Misconfiguration-Manager

  View on GitHub
  Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…
  ☆1,089Feb 4, 2026Updated 2 weeks ago
• Cloud-Architekt / AzureAD-Attack-Defense

  View on GitHub
  This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and …
  ☆2,468Dec 31, 2025Updated last month
• mvelazc0 / msInvader

  View on GitHub
  M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…
  ☆322Oct 12, 2025Updated 4 months ago
• SpecterOps / cred1py

  View on GitHub
  A Python POC for CRED1 over SOCKS5
  ☆164Oct 5, 2024Updated last year
• Hagrid29 / AbuseAzureAPIPermissions

  View on GitHub
  Abuse Azure API permissions for red teaming
  ☆71Jan 24, 2023Updated 3 years ago
• mdsecactivebreach / Farmer

  View on GitHub
  ☆415Apr 28, 2021Updated 4 years ago
• fkasler / cuddlephish

  View on GitHub
  Weaponized Browser-in-the-Middle (BitM) for Penetration Testers
  ☆601Dec 9, 2025Updated 2 months ago
• CCob / DRSAT

  View on GitHub
  Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…
  ☆273Dec 27, 2024Updated last year
• xforcered / ADOKit

  View on GitHub
  Azure DevOps Services Attack Toolkit
  ☆313Mar 15, 2025Updated 11 months ago
• MaLDAPtive / Invoke-Maldaptive

  View on GitHub
  MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.
  ☆336Aug 7, 2024Updated last year
• secureworks / PhishInSuits

  View on GitHub
  ☆118Jun 2, 2021Updated 4 years ago