Fast context enumeration for newly obtained Active Directory credentials.
☆86Aug 26, 2025Updated 6 months ago
Alternatives and similar repositories for sauron
Users that are interested in sauron are comparing it to the libraries listed below
Sorting:
- ☆26Aug 11, 2025Updated 6 months ago
- Just a git repo for the sleepmask detection rule i found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-…☆16Jun 4, 2025Updated 9 months ago
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆38Jul 23, 2025Updated 7 months ago
- Slides and resources from MCTTP 2025 Talk☆66Oct 26, 2025Updated 4 months ago
- results of scraping OneDrive from February 2022 - March 2025☆27Apr 29, 2025Updated 10 months ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations☆61Aug 18, 2025Updated 6 months ago
- Ansible Role for Ludus to provision or remove a device to/from a Tailnet.☆13Dec 5, 2025Updated 3 months ago
- Caddy v2 module to filter requests based on C2 profiles☆46Apr 24, 2025Updated 10 months ago
- ☆49Apr 9, 2025Updated 10 months ago
- ☆15Apr 29, 2023Updated 2 years ago
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆59Apr 13, 2025Updated 10 months ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs☆107Sep 4, 2025Updated 6 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Enhance Your Active Directory Password Spraying with User Intelligence.☆313Dec 29, 2025Updated 2 months ago
- Group Policy Objects manipulation and exploitation framework☆296Dec 7, 2025Updated 3 months ago
- Local SYSTEM auth trigger for relaying☆168Jul 22, 2025Updated 7 months ago
- Docker container for running CobaltStrike 4.7 and above☆24Mar 20, 2025Updated 11 months ago
- IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare☆272Dec 15, 2025Updated 2 months ago
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 6 months ago
- Azure APIs enumeration and abuse☆12Feb 26, 2026Updated last week
- Packet Monkey is a tool to filter and classify PCAPs using Wireshark filters☆11Feb 27, 2026Updated last week
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 3 months ago
- ☆100Sep 1, 2024Updated last year
- Build sneaky & malicious LNK files.☆160Jul 16, 2025Updated 7 months ago
- ☆15May 30, 2025Updated 9 months ago
- Periodically check hashcat cracking progress and notify of success.☆10Dec 18, 2018Updated 7 years ago
- A C project that generates usernames based on input lists and format you decide yourself☆11Jan 23, 2025Updated last year
- Dumping LSASS Evaded Endpoint Security Solutions☆18Feb 15, 2025Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆215Oct 19, 2024Updated last year
- Dump Kerberos tickets from the KCM database of SSSD☆56Dec 31, 2025Updated 2 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆76Oct 27, 2025Updated 4 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆102Jul 9, 2025Updated 7 months ago
- Advanced In-Memory PowerShell Process Injection Framework☆73Jul 16, 2025Updated 7 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)☆66Mar 17, 2025Updated 11 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and co…☆656Jan 16, 2026Updated last month
- This is the Git repository for the Modern Red Teaming workshop given at SINCON2024.☆12May 23, 2024Updated last year