synacktiv/AADOutsider-py

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/synacktiv/AADOutsider-py)

synacktiv / AADOutsider-py

Python3 rewrite of AsOutsider features of AADInternals

☆60

Alternatives and similar repositories for AADOutsider-py

Users that are interested in AADOutsider-py are comparing it to the libraries listed below

Sorting:

synacktiv / SCCMSecrets
View on GitHub
SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.
☆261Nov 22, 2025Updated 3 months ago
0xRedpoll / ludus_cobaltstrike_teamserver
View on GitHub
Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers
☆18Mar 19, 2025Updated 11 months ago
RedSiege / SharpCollectionTemplate
View on GitHub
☆14Sep 26, 2023Updated 2 years ago
LuemmelSec / APEX
View on GitHub
Azure Post Exploitation Framework
☆244Oct 27, 2025Updated 4 months ago
zblurx / dploot
View on GitHub
DPAPI looting remotely and locally in Python
☆542Oct 7, 2025Updated 4 months ago
RedTeamPentesting / keycred
View on GitHub
Generate and Manage KeyCredentialLinks
☆248Jan 30, 2026Updated last month
Tw1sm / pyldapsearch
View on GitHub
Tool for issuing manual LDAP queries which offers bofhound compatible output
☆42Jan 14, 2026Updated last month
xforcered / SoaPy
View on GitHub
SoaPy is a Proof of Concept (PoC) tool for conducting offensive interaction with Active Directory Web Services (ADWS) from Linux hosts.
☆262Feb 21, 2025Updated last year
zyn3rgy / smbtakeover
View on GitHub
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
☆345Nov 19, 2024Updated last year
ToweringDragoon / SACL_Scanner
View on GitHub
SACL Scanner is a tool designed to scan and analyze SACLs.
☆51Feb 13, 2025Updated last year
secureworks / pytune
View on GitHub
☆285Aug 14, 2025Updated 6 months ago
synacktiv / OUned
View on GitHub
The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
☆154Nov 2, 2025Updated 4 months ago
garrettfoster13 / sccmhunter
View on GitHub
SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…
☆892Feb 18, 2026Updated 2 weeks ago
CCob / Shwmae
View on GitHub
☆160Jan 27, 2025Updated last year
logangoins / Stifle
View on GitHub
.NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS
☆150Feb 10, 2025Updated last year
nullenc0de / trust-validator
View on GitHub
Validates priv escalation of AD trusts
☆48Apr 1, 2025Updated 11 months ago
snovvcrash / RemoteRegSave
View on GitHub
A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host
☆41Dec 8, 2023Updated 2 years ago
WKL-Sec / dcomhijack
View on GitHub
Lateral Movement Using DCOM and DLL Hijacking
☆325Jun 18, 2023Updated 2 years ago
mandiant / msi-search
View on GitHub
☆292Jul 20, 2023Updated 2 years ago
techBrandon / CAPs
View on GitHub
Scripts to enumerate and report on Entra Conditional Access
☆41Sep 5, 2025Updated 6 months ago
0xthirteen / reg_snake
View on GitHub
Python tool to interact with WMI StdRegProv
☆60Nov 19, 2024Updated last year
wotwot563 / aad_prt_bof
View on GitHub
☆159Apr 17, 2024Updated last year
synacktiv / GPOddity
View on GitHub
The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).
☆360Dec 13, 2025Updated 2 months ago
secureworks / BAADTokenBroker
View on GitHub
☆117Jun 17, 2025Updated 8 months ago
atomicchonk / roadrecon_mcp_server
View on GitHub
Claude MCP server to perform analysis on ROADrecon data
☆48Mar 30, 2025Updated 11 months ago
kozmer / aad-bofs
View on GitHub
☆138Nov 17, 2025Updated 3 months ago
1njected / CMLoot
View on GitHub
Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) SMB shares
☆190Feb 5, 2023Updated 3 years ago
zyn3rgy / LdapRelayScan
View on GitHub
Check for LDAP protections regarding the relay of NTLM authentication
☆530Nov 19, 2024Updated last year
CrowdStrike / sccmhound
View on GitHub
A BloodHound collector for Microsoft Configuration Manager
☆391Jul 7, 2025Updated 7 months ago
SpecterOps / cred1py
View on GitHub
A Python POC for CRED1 over SOCKS5
☆165Oct 5, 2024Updated last year
zimedev / certipy-merged
View on GitHub
Tool for Active Directory Certificate Services enumeration and abuse
☆164Apr 17, 2025Updated 10 months ago
rweijnen / createdump
View on GitHub
Leverage WindowsApp createdump tool to obtain an lsass dump
☆153Sep 20, 2024Updated last year
Friends-Security / SharpExclusionFinder
View on GitHub
Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …
☆230Oct 6, 2024Updated last year
Dec0ne / DavRelayUp
View on GitHub
DavRelayUp - a universal no-fix local privilege escalation in domain-joined windows workstations where LDAP signing is not enforced (the …
☆568Jun 5, 2023Updated 2 years ago
CCob / Volumiser
View on GitHub
☆428Apr 22, 2025Updated 10 months ago
badsectorlabs / sccm-http-looter
View on GitHub
Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
☆209Sep 30, 2024Updated last year
mlcsec / EDRenum-BOF
View on GitHub
Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
☆129Oct 4, 2024Updated last year
Octoberfest7 / ThreadCPUAssignment_POC
View on GitHub
A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread
☆30Sep 24, 2025Updated 5 months ago
synacktiv / captaincredz
View on GitHub
CaptainCredz is a modular and discreet password-spraying tool.
☆134Jul 22, 2025Updated 7 months ago