#
juushya
Follow
Starred repositories
Collection of tools that reflect the network dimension into Bloodhound's data
Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.
Modular Enumeration and Password Spraying Framework
A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a…
Automation Runbook to retrieve all Azure AD application credentials (secrets and certificates) and send a mail report via Office 365 mail account about expiration status.
PowerShell module to manage Azure Active Directory app credentials.
Tooling for assessing an Azure AD tenant state and configuration
Extendable payload obfuscation and delivery framework
Real-time face swap for PC streaming or video calls
This talk is about getting mimikatz to be undetectable by obfuscating it via powershell
5
Updated Sep 6, 2021
A curated list of awesome BloodhoundAD resources
A list of useful Powershell scripts with 100% AV bypass (At the time of publication).
retrieve information via O365 and AzureAD with a valid cred
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Core bypass Windows Defender and execute any binary converted to shellcode
Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
Rust Weaponization for Red Team Engagements.
EXOCET - AV-evading, undetectable, payload delivery tool
Python script that performs email address validation against Office 365 without submitting login attempts.
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling