Search Results for "active directory"
Sort By:
Showing 11 open source projects for "active directory"
View related business solutions-
Airlock Digital - Application Control (Allowlisting) Made SimpleFor organizations seeking the most effective way to prevent malware and ransomware in their environments. It has been designed to provide scalable, efficient endpoint security for organizations with even the most diverse architectures and rigorous compliance requirements. Built by practitioners for the world’s largest and most secure organizations, Airlock Digital delivers precision Application Control & Allowlisting for the modern enterprise.
-
Time tracking software for the global workforceIt's easy with Hubstaff, a time-tracking and workforce management platform that automates almost every aspect of running or growing a business. Teams can track time to projects and to-dos using Hubstaff's desktop, web, or mobile applications. You'll be able to see how much time your team spends on different tasks, plus productivity metrics like activity rates and app usage through Hubstaff's online dashboard. Most of the available features are customizable on a per-user basis, so you can create the team management tool you need.
-
1
GOAD (Game of Active Directory)
game of active directory
GOAD (Gather Open Attack Data) is a security reconnaissance framework for collecting, enriching, and visualizing open-source intelligence (OSINT) around hosts, domains, and certificates. It automates queries to certificate transparency logs, passive DNS, subdomain enumeration, web endpoints, and other public threat feeds. The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). Analysts... -
2
AzureAD Attack Defense
This publication is a collection of various common attack scenarios
AzureAD-Attack-Defense is a community-maintained playbook that collects common attack scenarios against Microsoft Entra ID (formerly Azure Active Directory) together with detection and mitigation guidance. The repository is organized into focused chapters — for example: Password Spray, Consent Grant, Service Principals in Azure DevOps, Entra Connect Sync Service Account, Replay of Primary Refresh Token (PRT), Entra ID Security Config Analyzer, and Adversary-in-the-Middle — each written to explain the attack, show detection approaches, and recommend mitigation steps. ... -
3
Domain Password Spray
A tool written in PowerShell to perform password assessments
DomainPasswordSpray is a focused security tool designed to perform enterprise-scale password spraying assessments against Active Directory environments. It automates the process of attempting common or customized passwords against many accounts while respecting timing and throttling controls to reduce obvious lockout noise. The project includes features for credential list management, target selection (users, service accounts, or collections), and configurable rate limits so testers can tune the balance between coverage and stealth. ... -
4
BLAZAM
AD Web Management Platform
Blazam is a web app that lets you manage Active Directory, even from your phone. You can delegate account functions and let your users manage Active Directory objects. Blazam also has user templates, photo management, and recycle bin access. For most up to date info, see https://blazam.org -
Agentic AI SRE built for Engineering and DevOps teams.NeuBird AI's agentic AI SRE delivers autonomous incident resolution, helping team cut MTTR up to 90% and reclaim engineering hours lost to troubleshooting.
-
5
BloodHound Legacy
Six Degrees of Domain Admin
BloodHound Legacy is the deprecated open‑source version of the BloodHound Active Directory attack path analysis tool. It uses graph theory to model and visualize privileged relationships in AD, Entra ID, and Azure environments. Security professionals use it to enumerate domain privilege escalation paths, misconfigurations, and attack surfaces in corporate networks -
6
BloodHound
Six Degrees of Domain Admin
BloodHound is a single-page Javascript web application, built on top of Linkurious, compiled with Electron, with a Neo4j database fed by a C# data collector. BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory or Azure environment. Attackers can use BloodHound to easily identify highly complex attack paths that would otherwise be impossible to quickly identify. Defenders can use BloodHound to identify and eliminate those same attack paths. Both blue and red teams can use BloodHound to easily gain a deeper understanding of privilege relationships in an Active Directory or Azure environment. ... -
7
BadBlood
Flls Microsoft Active Directory Domain with a structure
BadBlood is a PowerShell toolkit that programmatically populates a Microsoft Active Directory domain with a realistic, large-scale structure of OUs, users, groups, computers, and permissions so defenders and testers can practice discovery, hardening, and incident response on a lifelike environment. It intentionally randomizes its output on every run so the created domain, objects, and ACL relationships are different each time, which helps teams exercise tooling and detection logic against varied scenarios. ... -
8
vulnerable-AD
Create a vulnerable active directory
Vulnerable-AD is a PowerShell toolkit that automates the creation of a deliberately insecure Active Directory domain for hands-on labs and testing. It builds a domain controller (or augments an existing AD installation) with a variety of common misconfigurations and intentional weaknesses so practitioners can exercise attack techniques such as Kerberoast, AS-REP roast, DCSync, Pass-the-Hash, Silver/Golden Ticket attacks, and more. -
9
Active Directory Exploitation
A cheat sheet that contains common enumeration and attack methods
Active-Directory-Exploitation-Cheat-Sheet is a comprehensive, community-curated cheat sheet that collects practical enumeration commands, attack techniques, and quick references for attacking and auditing Windows Active Directory environments. The repository is organized as a stepwise kill-chain: recon, domain enumeration, local privilege escalation, user hunting, BloodHound guidance, lateral movement, persistence, domain-admin takeover, cross-trust attacks, data exfiltration, and a toolbox of payloads and helper scripts. ... -
LinkSquares: All-in-One Contract Management PlatformLinkSquares is the leading Contract Lifecycle Management (CLM) software designed to help legal, procurement, and business operations teams master the entire contract lifecycle, from creation to execution and renewal. The platform transforms how companies manage agreements by centralizing data, automating routine work, and providing actionable insights powered by AI. This single, connected source of truth helps teams eliminate manual processes, streamline workflows, boost visibility, and ensure compliance across thousands of contracts, ultimately reducing risk and administrative burden.
-
10
WinPwn
Automation for internal Windows Penetrationtest / AD-Security
WinPwn is a PowerShell-based toolkit for automating internal Windows penetration testing and Active Directory reconnaissance. It streamlines many manual steps by integrating reconnaissance modules like Seatbelt, Inveigh, Rubeus, and PrivescCheck. With proxy auto‑detection, endpoint enumeration, and exploitation routines, it's widely used in red team and blue team tool chains. -
11
PowerSploit PowerShell
A PowerShell Post-Exploitation Framework
PowerSploit is a collection of PowerShell modules that historically served as a toolkit for post-exploitation tasks, red-team exercises, and offensive-security research—covering areas like reconnaissance, lateral movement, persistence, and situational awareness. The repository bundles many focused scripts: code to enumerate system and Active Directory information, payload generation helpers, in-memory execution utilities, and modules to interact with credentials and services. Because the modules can be used to both demonstrate weaknesses and to exploit them, the project is typically referenced in threat emulation, penetration testing, and defensive research to understand attacker capabilities. ...
- Previous
- You're on page 1
- Next
