Alternatives and similar repositories for CAPs:

Users that are interested in CAPs are comparing it to the libraries listed below

• bouj33boy / Domain-Persistence-Detection-Triage-and-Recovery-SO-CON-2024
  Resources Links for the Research Based on Josh Prager and Nico Shyne's
  ☆13Updated 5 months ago
• sap8899 / Group3rExplorer
  Fun GUI for Group3rs output log
  ☆37Updated last year
• bagelByt3s / ludus_adfs
  An Ansible collection that installs an ADFS deployment with optional configurations.
  ☆27Updated 3 months ago
• sleeptok3n / RoleCrawl
  ☆20Updated last year
• techspence / BadShares
  A tool to create randomly insecure file shares that also contain unsecured credential files
  ☆36Updated 10 months ago
• BloodHoundAD / TierZeroTable
  Table of AD and Azure assets and whether they belong to Tier Zero
  ☆26Updated last year
• C0axx / Modified-Thycotic-Secret-Stealer
  Modified-Thycotic-Secret-Stealer for use with DPAPI and offline Decryption
  ☆19Updated 2 years ago
• emiliensocchi / azurehound-queries
  🌩️ Collection of BloodHound queries for Azure
  ☆60Updated 2 months ago
• Tamirye / Find-SensitiveAzStorageAccounts
  A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation …
  ☆12Updated 11 months ago
• olafhartong / BHCEupload
  A small go tool to upload JSON files to the BloodHound community edition API
  ☆30Updated 9 months ago
• ToweringDragoon / SACL_Scanner
  SACL Scanner is a tool designed to scan and analyze SACLs.
  ☆35Updated last month
• Mr-Un1k0d3r / MsGraphFunzy
  Scripts to interact with Microsoft Graph APIs
  ☆36Updated 4 months ago
• ZephrFish / LOLSearches
  Living off the land searches for explorer and sharepoint
  ☆57Updated 4 months ago
• kiwids0220 / deviceCode2WinHello
  A small script that automates Entra ID persistence with Windows Hello For Business key
  ☆55Updated last month
• heartburn-dev / PKI-Escalate
  Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…
  ☆25Updated last year
• AssuranceMaladieSec / FoxTerrier
  Python tool to find vulnerable AD object and generating csv report
  ☆26Updated 2 years ago
• 4ndr3w6 / Presentations
  ☆13Updated last year
• Gerenios / AADInternals-Endpoints
  AADInternals-Endpoints PowerShell module
  ☆19Updated last month
• dmcxblue / AzureRedirector
  A C# project that builds a Web Applciation which redirects all HTTPS
  ☆24Updated last month
• ASOT-LABS / TeamsBreaker
  ☆46Updated last year
• slygoo / pssrecon
  ☆19Updated 5 months ago
• secureworks / primary-refresh-token-viewer
  ☆11Updated 2 years ago
• Tw1sm / pyldapsearch
  Tool for issuing manual LDAP queries which offers bofhound compatible output
  ☆20Updated 3 weeks ago
• mlcsec / SharpGraphView
  Microsoft Graph API post-exploitation toolkit
  ☆94Updated 8 months ago
• myexploit / Hunt
  ☆20Updated 3 months ago
• rvrsh3ll / FindIngressEmail
  Find Inbound Email Domains
  ☆22Updated last year
• OtterHacker / ShareFouine
  ☆49Updated 4 months ago
• nicolonsky / AzureAiTMFunction
  Azure AiTM Function PoC to phish Entra ID Credentials
  ☆22Updated 5 months ago
• Leo4j / Invoke-ShareHunter
  Enumerate the Domain for Readable and Writable Shares
  ☆17Updated last month
• nettitude / SharpConflux
  ☆65Updated last year