#activedirectory

kerbrute
kerbrute

Bruteforce and enumerate Active Directory accounts through Kerberos pre-authentication.

NetExec
NetExec

Network service exploitation tool that helps automate assessing the security of large networks.

Certipy
Certipy

Active Directory Certificate Services enumeration and abuse.

Locksmith
Locksmith

Detect and fix common misconfigurations in Active Directory Certificate Services.

RustHound
RustHound

Active Directory data collector for BloodHound written in Rust.

ScriptSentry
ScriptSentry

ScriptSentry finds misconfigured and dangerous logon scripts.

spraykatz
spraykatz

Credentials gathering tool automating remote procdump and parse of lsass process.

BloodHound
BloodHound

Six Degrees of Domain Admin.

CrackMapExec
CrackMapExec

A swiss army knife for pentesting networks.

pywerview
pywerview

A (partial) Python rewriting of PowerSploit's PowerView.

Prenum
Prenum

The perils of the pre-Windows 2000 compatible access group in a Windows domain.

adPEAS
adPEAS

Powershell tool to automate Active Directory enumeration.

CypherDog
CypherDog

PowerShell Cmdlets to interact with BloodHound Data via Neo4j HTTP API.

Invoke-ADEnum
Invoke-ADEnum

Automate Active Directory Enumeration using PowerView.

LDAPNomNom
LDAPNomNom

Anonymously bruteforce Active Directory usernames by abusing LDAP Ping requests.

lsassy
lsassy

Python tool to remotely extract credentials on a set of hosts.

o365recon
o365recon

Retrieve information via O365 and AzureAD with valid credentials.

LDAP Password Hunter
LDAP Password Hunter

Password Hunter in active directory.

FindUncommonShares
FindUncommonShares

Quickly find uncommon shares in vast Windows domains.

ADRecon
ADRecon

Gather information about the Active Directory and generates a report.

AzureADLateralMovement
AzureADLateralMovement

Lateral movement graph for Azure Active Directory.

Snaffler
Snaffler

A tool to help at finding delicious candy needles in a bunch of horrible boring haystacks.

RidRelay
RidRelay

Enumerate usernames on a domain where you have no creds by using SMB relay.

jackdaw
jackdaw

Gather gather gather.

WinPwn
WinPwn

Automation for internal Windows pentest / AD-Security.

ADRT
ADRT

Active Directory Report Tool.

SharpHose
SharpHose

Asynchronous password spraying tool for Windows environments.

windapsearch
windapsearch

Enumerate users, groups and computers from a Windows domain through LDAP queries.

Rubeus
Rubeus

Rubeus is a toolkit for Kerberos interaction and abuses.

linWinPwn
linWinPwn

Automates a number of Active Directory enumeration and vulnerability.

msldap
msldap

LDAP library for auditing Microsoft Active Directory.

ADAPE Script
ADAPE Script

Active Directory assessment and privilege escalation script.

ADReaper
ADReaper

Enumerate an Active Directory environment with LDAP queries.

ADenum
ADenum

Find misconfiguration through LDAP to exploit weaknesses with Kerberos.