375 Open source projects that are alternatives of or similar to Windows Ad Environment Related

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

A Ruby framework designed to aid in the penetration testing of WordPress systems.

My solutions to some CTF challenges and a list of interesting resources about pwning stuff

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Simple Golang HTTPS/TLS Examples

Reverse-engineering tools and exploits for Samsung's implementation of TrustZone

🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.

Automatic SSRF fuzzer and exploitation tool

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Responsive Command and Control System

fsociety Hacking Tools Pack – A Penetration Testing Framework

Send encrypted PGP messages with one click

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

🐞 Primitive Erlang Security Tool

Awesome tools to exploit Windows !

Cloud Security Posture Management (CSPM)

🌸 Interactive shellcoding environment to easily craft shellcodes

AD Health Check, Send HTML Email, Ping machines, Encrypt Password,Bulk Password,Microsoft Teams,Monitor Certificate expiry, Monitor cert expiry, AD attributes, IP to Hostname, Export AD group, CSV to SQL,Shutdown, Restart, Local Admin, Disk Space, Account expiry,Restore Permissions, Backup permissions, Delete Files Older Than X-Days, export DHCP options,Read Registry,Distribution group AD attributes,Monitor Windows Services,Export Reverse DNS,Task Monitor,Monitor and alert, Exchange Health check,Get Network Info, Export AD Attributes,AD group members, Office 365 Group member, SQL to CSV, Outlook save send attachments, Upload files to FTP,Exchange – Total Messages Sent Received, Set Teams Only Mode, Intune Duplicate Device,Intune Cleanup Not Evaluated, Ownership and Grant Permissions, Write Create Modify Registry , Organization Hierarchy from AD,Azure AD Privileged Identity Management,Intune – Export MAM Devices,Intune Marking devices as Corporate, Dynamic to Static Distribution Group,Monitor Alert Office 365 services,Group Member Count,Bulk Addition external users sharepoint, ADD to Exchange online License Group,All in One Office 365 Powershell,Bulk Addition of Secondary Email, Automate move mailboxes to o365, Addition Modification Termination Exchange users, Monitoring Unified Messaging port,Unified Messaging Extensions Report, Set Default Quota for SharePoint,Bulk Contact Creation and Forwarding, Uploading and Downloading files sftp, Monitoring Sftp file and download, Office 365 groups Write back, CSV parser, Email address update, Email address modify, MDM enrollment, Welcome Email, Intune Welcome Email, remove messages, remove email, SKOB to AD, SKOB to group, PowerApps report, Powerautomate Report, Flow report, Server QA, Server Check List, O365 IP range, IP range Monitor, o365 Admin Roles, memberof extraction, CSV to Excel, Skype Policy, UPN Flip, Rooms Report, License Reconciliation,Intune Bulk Device Removal, Device Removal, Clear Activesync, Lync Account Termination,Lync Account Removal, Enable office 365 services, Enable o365 Services, Export PST, Site collection Report, Office 365 Group Sites, System Admin,ActiveSync Report,White Space,Active Directory attributes, outlook automation, Intune Detect App, Distribution list Fix, Legacy DN, start service, stop service, disable service, Message tracking, Distribution lists report,Distribution groups report,Quota Report, Auto reply, out of office, robocopy multi session, Home Folder, local admin, Database, UPN SIP Mismatch, Recoverable deleted, teams number, Number assignment, teams phone, AD Group Hierarchy, Hierarchy membership, Sync Groups

A self-service password management tool for Active Directory

Kubernetes Common Configuration Scoring System

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Linux Binary Exploitation

Find leaked secrets via github search

A static analysis security vulnerability scanner for Ruby on Rails applications

All-in-one tool for managing vulnerability reports from AppSec pipelines

Exploit Pack -The next generation exploit framework

Powerful Visual Subdomain Enumeration at the Click of a Mouse

Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read

Security Evaluation of Dynamic Binary Instrumentation Engines

A collection where my current and future writeups for exploits/CTF will go

A collection of manifests that will create pods with elevated privileges.

Automatic SQL injection with Charles and sqlmap api

A command line security audit tool for Amazon Web Services

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

Hacking Toolkit

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Attify OS - Distro for pentesting IoT devices

This ansible role gets information from an AWS VPC and generate a graphical representation of security groups

This PowerShell Module has multiple functionalities, but one of the signature features of this module is the ability to parse Security logs on Domain Controllers providing easy to use access to AD Events.

Scripts to gather system configuration information for offline/remote auditing

An IDA Pro plugin to examine the glibc heap, focused on exploit development

A toolkit of AD specific health checks that you can run in your environment to ensure your Active Directory is running optimally.

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

pentest framework

🎖safely* install packages with npm or yarn by auditing them as part of your install process

Unit testing framework for test driven security of AWS, GCP, Heroku and more.

The Old BloodHound C# Ingestor (Deprecated)

A Python SDK for Tufin Orchestration Suite

Notes for taking the OSCP in 2097. Read in book form on GitBook

Exploit code for CVE-2016-9066

📚 VoidHack CTF write-ups

How to prepare for OSCP complete guide

Set of tools to audit SIP based VoIP Systems

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.

Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)

Writeup of CVE-2020-15906