treebuilder / aad-sso-enum-brute-spray
POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
☆191Updated 2 years ago
Related projects: ⓘ
- Collection of cyphers for bloodhound☆141Updated 2 months ago
- A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)☆177Updated 3 years ago
- ☆348Updated last month
- Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb☆139Updated 3 years ago
- Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls…☆213Updated 3 years ago
- User enumeration with Microsoft Teams API☆164Updated 3 years ago
- ☆119Updated this week
- Enumerate AD through LDAP with a collection of helpfull scripts being bundled☆139Updated 2 weeks ago
- RACE is a PowerShell module for executing ACL attacks against Windows targets.☆207Updated last year
- Password attacks and MFA validation against various endpoints in Azure and Office 365☆148Updated last year
- Ansible playbook to deploy a phishing engagement in the cloud.☆216Updated 2 years ago
- Protocol agnostic online password guessing API.☆79Updated last year
- AzureRT - A Powershell module implementing various Azure Red Team tactics☆227Updated 2 years ago
- Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.☆250Updated 3 years ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆215Updated 2 years ago
- ☆178Updated last year
- Custom PowerShell module to setup an Active Directory lab environment to practice penetration testing.☆170Updated 2 years ago
- Modular Enumeration and Password Spraying Framework☆104Updated 5 months ago
- Material for the "Hands-On BloodHound" Workshop☆104Updated 3 years ago
- Office 365 and Exchange Enumeration☆176Updated 5 years ago
- ☆146Updated last year
- AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Co…☆208Updated 3 years ago
- scan for NTLM directories☆345Updated 2 months ago
- Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.☆231Updated 4 months ago
- A tool for pointesters to find candies in SharePoint☆228Updated last year
- Enumerate Domain Data☆314Updated last year
- Finding all things on-prem Microsoft for password spraying and enumeration.☆251Updated 2 years ago
- Active Directory Lab for Penetration Testing☆48Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆309Updated last year