game of active directory

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Red Teaming Tactics and Techniques

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

HardeningKitty and Windows Hardening Settings

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

A collection of scripts for assessing Microsoft Azure security

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to…

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

Project Homepage & Forums

Automation to assess the state of your M365 tenant against CISA's baselines

A simple, fun, and interactive way to learn the PowerShell language through Pester unit testing.

Manages, configures, extracts and monitors Microsoft 365 tenant configurations

Azure Security Resources and Notes

A tool for checking if MFA is enabled on multiple Microsoft Services

This repository of PowerShell sample scripts show how to access Intune service resources. They demonstrate this by making HTTPS RESTful API requests to the Microsoft Graph API from PowerShell.

HardeningKitty - Checks and hardens your Windows configuration

PowerShell MachineAccountQuota and DNS exploit tools

Copy, export, import, delete, document and compare policies and profiles in Intune and Azure with PowerShell script and WPF UI. Import ADMX files and registry settings with ADMX ingestion. View and…

Active Directory Assessment and Privilege Escalation Script

Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

Code samples and extended documentation to support the guidance provided in the Microsoft Cloud Adoption Framework

Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsof…

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.