Haveibeenpwned Zxcvbn Lambda ApiDeploy your own secure API to estimate password strength and check haveibeenpwned for known matches - HTTPS by force, server not required, fire and brimstone sold separately 🔥
Stars: ✭ 57 (-62.5%)
Pw Pwnage CfworkerDeploy a Cloudflare Worker to sanely score users' new passwords with zxcvbn AND check for matches against haveibeenpwned's 7.8+ billion breached accounts
Stars: ✭ 125 (-17.76%)
keepassxc-pwnedCheck your keepassxc database against previously breached haveibeenpwned passwords
Stars: ✭ 25 (-83.55%)
Firepwned🙏 Checks Firefox saved passwords against known data leaks using the Have I Been Pwned API.
Stars: ✭ 69 (-54.61%)
SocialpwnedSocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB.
Stars: ✭ 104 (-31.58%)
WatchadAD Security Intrusion Detection System
Stars: ✭ 805 (+429.61%)
Dsinternals Directory Services Internals (DSInternals) PowerShell Module and Framework
Stars: ✭ 776 (+410.53%)
GofetchGoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.
Stars: ✭ 543 (+257.24%)
PwnedpasswordsdllOpen source solution to check prospective AD passwords against previously breached passwords
Stars: ✭ 71 (-53.29%)
Android ComplexifyAn Android library which makes checking the quality of user's password a breeze.
Stars: ✭ 111 (-26.97%)
RedsnarfRedSnarf is a pen-testing / red-teaming tool for Windows environments
Stars: ✭ 1,109 (+629.61%)
PasspwnSee if your passwords in pass has been breached.
Stars: ✭ 130 (-14.47%)
Dnn.azureadproviderThe DNN Azure Active Directory Provider is an Authentication provider for DNN Platform (formerly DotNetNuke) that uses Azure Active Directory OAuth2 authentication to authenticate users.
Stars: ✭ 21 (-86.18%)
PwnedornotOSINT Tool for Finding Passwords of Compromised Email Addresses
Stars: ✭ 888 (+484.21%)
PassganA Deep Learning Approach for Password Guessing (https://arxiv.org/abs/1709.00440)
Stars: ✭ 704 (+363.16%)
Vue PasswordA Vue.js password input component that includes a toggle to show the password and a customizable strength meter.
Stars: ✭ 94 (-38.16%)
ActionpacksPublic PowerShell script gallery for ScriptRunner.
Stars: ✭ 118 (-22.37%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+3482.24%)
PowershellPowerShell functions and scripts (Azure, Active Directory, SCCM, SCSM, Exchange, O365, ...)
Stars: ✭ 1,302 (+756.58%)
DarthsidiousBuilding an Active Directory domain and hacking it
Stars: ✭ 479 (+215.13%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+151.32%)
PsadhealthA toolkit of AD specific health checks that you can run in your environment to ensure your Active Directory is running optimally.
Stars: ✭ 114 (-25%)
Pwned Passwords DjangoUtilities for working with the Pwned Passwords database from Django.
Stars: ✭ 71 (-53.29%)
H8mailEmail OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
Stars: ✭ 2,163 (+1323.03%)
Terraform Provider AdActive Directory provider for HashiCorp Terraform (experimental)
Stars: ✭ 65 (-57.24%)
Zxcvbn RsPort of Dropbox's zxcvbn password strength library for Rust
Stars: ✭ 110 (-27.63%)
DeathstarUses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
Stars: ✭ 1,221 (+703.29%)
Vulnerable AdCreate a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
Stars: ✭ 360 (+136.84%)
AdsearchA tool to help query AD via the LDAP protocol
Stars: ✭ 137 (-9.87%)
Navajo SwiftPassword Validator & Strength Evaluator
Stars: ✭ 106 (-30.26%)
Probable WordlistsVersion 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
Stars: ✭ 7,312 (+4710.53%)
HibpA composer package to verify if a password was previously used in a breach using Have I Been Pwned API.
Stars: ✭ 126 (-17.11%)
Eloquent LdapA Laravel 5.1 package that first tries to log the user against the internal database if that fails, it tries against the configured LDAP/AD server.
Stars: ✭ 19 (-87.5%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-5.26%)
PingcastlePingCastle - Get Active Directory Security at 80% in 20% of the time
Stars: ✭ 775 (+409.87%)
AclightA script for advanced discovery of Privileged Accounts - includes Shadow Admins
Stars: ✭ 536 (+252.63%)
Password LeakA library to check for compromised passwords
Stars: ✭ 92 (-39.47%)
OrgkitProvision a brand-new company with proper defaults in Windows, Offic365, and Azure
Stars: ✭ 490 (+222.37%)
Bonobo Git ServerBonobo Git Server for Windows is a web application you can install on your IIS and easily manage and connect to your git repositories. Go to homepage for release and more info.
Stars: ✭ 1,693 (+1013.82%)
PlumhoundBloodhound for Blue and Purple Teams
Stars: ✭ 452 (+197.37%)
Mssqli DuetSQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing
Stars: ✭ 82 (-46.05%)
Adfs2Multi Vagrant environment with Active Directory
Stars: ✭ 117 (-23.03%)
Hunter(l)user hunter using WinAPI calls only
Stars: ✭ 359 (+136.18%)
Dumb PasswordsDon't let your user be a victim of their own action
Stars: ✭ 77 (-49.34%)
Ldap Passwd WebuiVery simple web interface for changing password stored in LDAP or Active Directory (Samba 4 AD).
Stars: ✭ 150 (-1.32%)
LogontracerInvestigate malicious Windows logon by visualizing and analyzing Windows event log
Stars: ✭ 1,914 (+1159.21%)
Cr3dov3rKnow the dangers of credential reuse attacks.
Stars: ✭ 1,700 (+1018.42%)
Lil PwnyFast, offline auditing of Active Directory passwords using Python.
Stars: ✭ 117 (-23.03%)