Active Directory Security Tools

Dominate Active Directory with PowerShell.

Active Directory data ingestor for BloodHound Community Edition written in Rust. 🦀

Active Directory Auditing and Enumeration

A fast TCP/UDP tunnel over HTTP

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

Windows Local Privilege Escalation Cookbook

Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel

A cross-platform tool to find traces of old SIDs remaining in LDAP objects of the Active Directory

Tools for Kerberos PKINIT and relaying to AD CS

"Golden" certificates

Dumping DPAPI credz remotely

An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD

a real-world reconnaissance against SMB discovery automation

Active Directory information dumper via LDAP

autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat

Active Directory Mindmap Recipes: A Compromise à la Carte

PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.

Tool for Active Directory Certificate Services enumeration and abuse

A tool to perform Kerberos pre-auth bruteforcing

smbclient-ng, a fast and user friendly way to interact with SMB shares.

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.

The Network Execution Tool

Remote Desktop Protocol .NET Console Application for Authenticated Command Execution