A tool for checking if MFA is enabled on multiple Microsoft Services
MIT License
MSSprinkler is a password spraying utility for organizations to test their M365 accounts from an ...
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote ...
An ASP.NET Core Web App which lets sign-in users (including in your org, many orgs, orgs + person...
Automation for internal Windows Penetrationtest / AD-Security
An interactive powershell script for Azure/Entra. Creates a set of conditional access policies th...
Create a vulnerable active directory that's allowing you to test most of the active directory att...
Harden Windows with Windows Defender Application Control (WDAC)
CyberArk Windows Account Creation & Onboarding (WACO) Tool
Red Team Cheatsheet in constant expansion.
Lists of sources and utilities utilized to hunt, detect and prevent evildoers.
A collection of scripts for assessing Microsoft Azure security
Azure Security Resources and Notes
This publication is a collection of various common attack scenarios on Microsoft Entra ID (former...
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.