Stars
Attack and defend active directory using modern post exploitation adversary tradecraft activity
The Official USB Rubber Ducky Payload Repository
Community-driven baseline to accelerate Intune adoption and learning.
Copy, export, import, delete, document and compare policies and profiles in Intune and Azure with PowerShell script and WPF UI. Import ADMX files and registry settings with ADMX ingestion. View and…
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
Open source codebase powering the HuggingChat app
PowerSploit - A PowerShell Post-Exploitation Framework
Nidhogg is an all-in-one simple to use windows kernel rootkit.
A little tool to play with Windows security
.NET Project for performing Authenticated Remote Execution
Empire is a PowerShell and Python post-exploitation agent.
TaskMgr Volatile Environment LPE
.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.
Impacket is a collection of Python classes for working with network protocols.
Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.
A collection of Azure AD/Entra tools for offensive and defensive security purposes
Kerberos unconstrained delegation abuse toolkit
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
DDSpoof is a tool that enables DHCP DNS Dynamic Update attacks against Microsoft DHCP servers in AD environments.