xpn/OktaPostExToolkit external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xpn/OktaPostExToolkit

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xpn/OktaPostExToolkit)

Close

xpn / OktaPostExToolkitView on GitHubMore

• External links
• Readme badge

☆200Nov 21, 2024Updated last year

Alternatives and similar repositories for OktaPostExToolkit

Users that are interested in OktaPostExToolkit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• xpn / CloudInject

  View on GitHub
  ☆122Nov 21, 2024Updated last year
• garrettfoster13 / sccmhunter

  View on GitHub
  SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…
  ☆918Jun 4, 2026Updated last week
• blackarrowsec / Handly

  View on GitHub
  Abuse leaked token handles.
  ☆136Dec 14, 2023Updated 2 years ago
• LuemmelSec / APEX

  View on GitHub
  Azure Post Exploitation Framework
  ☆247Oct 27, 2025Updated 7 months ago
• CCob / okta-terrify

  View on GitHub
  Okta Verify and Okta FastPass Abuse Tool
  ☆343Sep 4, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• nheiniger / SnaffPoint

  View on GitHub
  A tool for pointesters to find candies in SharePoint
  ☆285Nov 4, 2022Updated 3 years ago
• zyn3rgy / smbtakeover

  View on GitHub
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆358Nov 19, 2024Updated last year
• S3cur3Th1sSh1t / SharpVeeamDecryptor

  View on GitHub
  Decrypt Veeam database passwords
  ☆225Dec 8, 2025Updated 6 months ago
• wh0amitz / S4UTomato

  View on GitHub
  Escalate Service Account To LocalSystem via Kerberos
  ☆403Sep 14, 2023Updated 2 years ago
• zblurx / certsync

  View on GitHub
  Dump NTDS with golden certificates and UnPAC the hash
  ☆651Mar 20, 2024Updated 2 years ago
• slemire / WSPCoerce

  View on GitHub
  PoC to coerce authentication from Windows hosts using MS-WSP
  ☆306Sep 7, 2023Updated 2 years ago
• 0xEr3bus / PoolPartyBof

  View on GitHub
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆449Dec 21, 2023Updated 2 years ago
• kozmer / aad-bofs

  View on GitHub
  ☆139Nov 17, 2025Updated 6 months ago
• AlmondOffSec / PassTheCert

  View on GitHub
  Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
  ☆755Sep 3, 2025Updated 9 months ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• Flangvik / Bobber

  View on GitHub
  Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
  ☆185Jun 9, 2024Updated 2 years ago
• xpn / WAMBam

  View on GitHub
  Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post
  ☆133Jan 14, 2023Updated 3 years ago
• REDMED-X / OperatorsKit

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆694Aug 15, 2025Updated 9 months ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆159Nov 7, 2023Updated 2 years ago
• med0x2e / NTLMRelay2Self

  View on GitHub
  An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
  ☆419Jan 27, 2024Updated 2 years ago
• xforcered / ADOKit

  View on GitHub
  Azure DevOps Services Attack Toolkit
  ☆316Mar 15, 2025Updated last year
• p0dalirius / pyLDAPWordlistHarvester

  View on GitHub
  A tool to generate a wordlist from the information present in LDAP, in order to crack passwords of domain accounts.
  ☆376Mar 24, 2026Updated 2 months ago
• Mayyhem / Maestro

  View on GitHub
  Abusing Azure services over C2
  ☆373Jan 20, 2026Updated 4 months ago
• skelsec / evilrdp

  View on GitHub
  ☆308Mar 15, 2025Updated last year
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• wavvs / nanorobeus

  View on GitHub
  COFF file (BOF) for managing Kerberos tickets.
  ☆326Jul 2, 2023Updated 2 years ago
• wotwot563 / aad_prt_bof

  View on GitHub
  ☆165Apr 17, 2024Updated 2 years ago
• mandiant / ccmpwn

  View on GitHub
  ☆221Mar 26, 2024Updated 2 years ago
• trustedsec / CS-Remote-OPs-BOF

  View on GitHub
  Remote operations commands implemented using Beacon Object Files
  ☆1,165Mar 5, 2026Updated 3 months ago
• antroguy / LocklessBof

  View on GitHub
  Lockless BOF
  ☆79May 2, 2025Updated last year
• zblurx / dploot

  View on GitHub
  DPAPI looting remotely and locally in Python
  ☆552Mar 13, 2026Updated 2 months ago
• ustayready / ShredHound

  View on GitHub
  Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
  ☆97Apr 13, 2023Updated 3 years ago
• FalconForceTeam / SOAPHound

  View on GitHub
  SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…
  ☆883Feb 3, 2024Updated 2 years ago
• fortalice / bofhound

  View on GitHub
  Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
  ☆406Feb 23, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• 0xZDH / redirect.rules

  View on GitHub
  Quick and dirty dynamic redirect.rules generator
  ☆171Oct 12, 2022Updated 3 years ago
• mlcsec / ASRenum-BOF

  View on GitHub
  Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
  ☆164Mar 1, 2024Updated 2 years ago
• werdhaihai / AtlasReaper

  View on GitHub
  A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.
  ☆273Sep 14, 2023Updated 2 years ago
• nettitude / ETWHash

  View on GitHub
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆262May 10, 2023Updated 3 years ago
• Flangvik / TeamFiltration

  View on GitHub
  TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
  ☆1,385Mar 9, 2026Updated 3 months ago
• leftp / DPAPISnoop

  View on GitHub
  A C# tool to output crackable DPAPI hashes from user MasterKeys
  ☆141Sep 14, 2024Updated last year
• grimlockx / ADCSKiller

  View on GitHub
  An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
  ☆745May 19, 2023Updated 3 years ago