ERNW Enno Rey Netzwerke GmbH
- Heidelberg, Germany
- @lennitent@infosec.exchange
Stars
Active Directory password filter featuring breached password checking and custom complexity rules
A repository of KQL queries focused on threat hunting and threat detecting for Microsoft Sentinel & Microsoft XDR (Former Microsoft 365 Defender).
Maester is a PowerShell based test automation framework to help you stay in control of your Microsoft security configuration.
Table of AD and Azure assets and whether they belong to Tier Zero
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
BloodyAD is an Active Directory Privilege Escalation Framework
Automation to assess the state of your M365 tenant against CISA's baselines
Provides tools that help with module development
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Docs and samples for privileged identity and access management in Microsoft Azure and Microsoft Entra.
Intune managed Secured workstation
AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses
Amsi Bypass payload that works on Windows 11
A natural language interface for computers
Scrapes the Windows Evaluation ISO addresses into a JSON data file
Reportly is an AzureAD user activity report tool.
Directory Services Internals (DSInternals) PowerShell Module and Framework
Credential Guard Bypass Via Patching Wdigest Memory
This is a collection of some of my mindmaps about pentesting created with Obsidian.
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
Cloud-native SIEM for intelligent security analytics for your entire enterprise.
Sample queries for Advanced hunting in Microsoft 365 Defender