Proof of concept: using a Cloudflare worker for AITM attacks
☆143Jan 28, 2025Updated last year
Alternatives and similar repositories for AITMWorker
Users that are interested in AITMWorker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Azure AiTM Function PoC to phish Entra ID Credentials☆27Nov 21, 2025Updated 7 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆18Apr 4, 2023Updated 3 years ago
- Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs☆577Jun 3, 2025Updated last year
- Slides and Codes used for the workshop Red Team Infrastructure Automation☆193Apr 14, 2024Updated 2 years ago
- ☆14Sep 26, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Bounces when a fish bites - Evilginx database monitoring with exfiltration automation☆185Jun 9, 2024Updated 2 years ago
- ☆103Oct 27, 2022Updated 3 years ago
- Abusing Azure services over C2☆376Jan 20, 2026Updated 5 months ago
- Initial Access and Post-Exploitation Tool for Entra ID and M365 with a browser-based GUI☆1,312Jun 9, 2026Updated 2 weeks ago
- Weaponized Browser-in-the-Middle (BitM) for Penetration Testers☆648Apr 2, 2026Updated 2 months ago
- TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and …☆407Jan 23, 2025Updated last year
- A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO☆245Aug 25, 2024Updated last year
- Azure Post Exploitation Framework☆247Oct 27, 2025Updated 7 months ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated 2 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented b…☆447May 29, 2024Updated 2 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response ca…☆328Oct 12, 2025Updated 8 months ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- Tool to extract username and password of current user from PanGPA in plaintext☆89Dec 23, 2024Updated last year
- Set of python scripts which perform different ways of command execution via WMI protocol.☆165Jun 29, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆802Jan 26, 2026Updated 4 months ago
- BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse en…☆509Updated this week
- ☆122Nov 21, 2024Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive an…☆1,152May 13, 2026Updated last month
- Dump NTDS with golden certificates and UnPAC the hash☆651Mar 20, 2024Updated 2 years ago
- Running .NET from VBA☆147Feb 11, 2023Updated 3 years ago
- A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.☆177May 13, 2024Updated 2 years ago
- ☆52Jun 12, 2026Updated last week
- evilginx3 + gophish☆2,003Jun 15, 2024Updated 2 years ago
- ☆17Jun 25, 2024Updated last year
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆167Mar 1, 2024Updated 2 years ago
- ☆570Mar 28, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling☆1,281Mar 19, 2025Updated last year
- Spartacus DLL/COM Hijacking Toolkit☆1,085Feb 1, 2024Updated 2 years ago
- Cortex EDR Ransomware protection Bypass☆27Feb 8, 2025Updated last year
- HTML Smuggling with Web Assembly☆76Feb 20, 2024Updated 2 years ago
- ☆100Sep 1, 2024Updated last year
- A fork of the great TokenTactics with support for CAE and token endpoint v2☆427Apr 12, 2026Updated 2 months ago
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆221Jan 30, 2026Updated 4 months ago