Tools for Kerberos PKINIT and relaying to AD CS

PowerSploit - A PowerShell Post-Exploitation Framework

Six Degrees of Domain Admin

A Python based ingestor for BloodHound

A tool to perform Kerberos pre-auth bruteforcing

Trying to tame the three-headed dog.

Python script to enumerate users, groups and computers from a Windows domain through LDAP queries

Tool to audit and attack LAPS environments

SMBMap is a handy SMB enumeration tool

The ultimate WinRM shell for hacking/pentesting

Find vulnerabilities in AD Group Policy, but do it better than Grouper2 did.

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

Extracts Key Values from .keytab files

linikatz is a tool to attack AD on UNIX

Kerberoast with ACL abuse capabilities

Active Directory and Internal Pentest Cheatsheets

C# Data Collector for BloodHound

C# implementation of harmj0y's PowerView

Python3 script to quickly get various information from a domain controller through his LDAP service.

PingCastle - Get Active Directory Security at 80% in 20% of the time

A tool to automatically create Edges for BloodHound

Azure Data Exporter for BloodHound

PowerShell framework to assess Azure security

BlueHound - pinpoint the security issues that actually matter

Identify the attack paths in BloodHound breaking your AD tiering

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

A tool for performing light brute-forcing of HTTP servers to identify commonly accessible NTLM authentication endpoints.

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.