Azure mindmap for penetration tests
☆195Nov 21, 2023Updated 2 years ago
Alternatives and similar repositories for Mindmaps
Users that are interested in Mindmaps are comparing it to the libraries listed below
Sorting:
- The GPOddity project, aiming at automating GPO attack vectors through NTLM relaying (and more).☆361Dec 13, 2025Updated 2 months ago
- Use ESC1 to perform a makeshift DCSync and dump hashes☆210Nov 2, 2023Updated 2 years ago
- A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.☆372Sep 29, 2025Updated 5 months ago
- TokenCert☆102Nov 15, 2024Updated last year
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆412Mar 21, 2025Updated 11 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆261Nov 22, 2025Updated 3 months ago
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆18Oct 15, 2020Updated 5 years ago
- ☆568Mar 28, 2024Updated last year
- ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…☆1,053Jan 22, 2026Updated last month
- Azure DevOps Services Attack Toolkit☆314Mar 15, 2025Updated 11 months ago
- Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.☆1,259Dec 9, 2025Updated 2 months ago
- Tool to remotely dump secrets from the Windows registry☆522Nov 18, 2025Updated 3 months ago
- Tricard - Malware Sandbox Fingerprinting☆23Dec 11, 2023Updated 2 years ago
- A Python POC for CRED1 over SOCKS5☆164Oct 5, 2024Updated last year
- Dumping DPAPI credz remotely☆1,328Mar 24, 2025Updated 11 months ago
- Attempt at Obfuscated version of SharpCollection☆243Nov 15, 2025Updated 3 months ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆892Feb 18, 2026Updated last week
- Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel☆730Sep 3, 2025Updated 5 months ago
- CaptainCredz is a modular and discreet password-spraying tool.☆134Jul 22, 2025Updated 7 months ago
- Decrypt Veeam database passwords☆222Dec 8, 2025Updated 2 months ago
- ☆715Mar 22, 2024Updated last year
- Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (c…☆1,051Nov 9, 2024Updated last year
- Secretsdump C# version only supporting local (live) operation☆55Apr 20, 2025Updated 10 months ago
- Tool to automatically exploit Active Directory privilege escalation paths shown by BloodHound☆671Oct 23, 2025Updated 4 months ago
- Dominate Active Directory with PowerShell.☆1,164Nov 28, 2025Updated 3 months ago
- ☆307Mar 15, 2025Updated 11 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆155Nov 2, 2025Updated 3 months ago
- AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover se…☆1,475Jan 23, 2026Updated last month
- This is the ringzer0 writeup of web exploitation catagery. The name is "Word mean something"☆14Dec 8, 2023Updated 2 years ago
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- A collection of Azure AD/Entra tools for offensive and defensive security purposes☆2,528Feb 5, 2026Updated 3 weeks ago
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Jun 6, 2024Updated last year
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- CVE-2013-4786 Go exploitation tool☆40Nov 18, 2025Updated 3 months ago
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆441May 29, 2024Updated last year
- ☆64Mar 14, 2024Updated last year
- Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI☆1,032Dec 31, 2025Updated 2 months ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- A red team tool that assists into extracting/dumping master credentials and/or entries from different password managers.☆787Jan 9, 2025Updated last year