Top 23 active-directory Open-Source Projects

• Active-Directory-Exploitation-Cheat-Sheet

  2 4,996 4.1

  A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

• PowerShell

  5 2,379 0.0 PowerShell

  PowerShell functions and scripts (Azure, Active Directory, SCCM, SCSM, Exchange, O365, ...) (by lazywinadmin)

Project mention: Need help on powershell script to retry 5 times if failure | /r/PowerShell | 2023-06-25

Lazy Admin - New-RandomPassword

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• pingcastle

  16 2,111 5.6 C#

  PingCastle - Get Active Directory Security at 80% in 20% of the time

Project mention: Open source vulnerability scanner | /r/cybersecurity | 2023-12-05

I use OpenVas (on Kali) and PingCastle (on Windows).

• AutomatedLab

  12 1,933 8.2 PowerShell

  AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

  

• vulnerable-AD

  14 1,862 0.0 PowerShell

  Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Project mention: Student 1 Year out from Grad overwhelmed | /r/SecurityCareerAdvice | 2023-09-16

At one he also mentions Vulnerable-AD, which might be helpful when learning how to identify and respond to AD attacks. This might give you an idea of what other areas/components to focus on with your projects. Good luck!

• Bonobo Git Server

  5 1,786 0.0 C#

  Bonobo Git Server for Windows is a web application you can install on your IIS and easily manage and connect to your git repositories. Go to homepage for release and more info.

• A-Red-Teamer-diaries

  1 1,670 3.1

  RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• DeathStar

  2 1,564 2.6 Python

  Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.

Project mention: SSH-Snake: Automated SSH-Based Network Traversal | news.ycombinator.com | 2024-01-05

Here’s a similar project, but for windows AD networks

https://github.com/byt3bl33d3r/DeathStar

• DSInternals

  16 1,529 6.7 C#

  Directory Services Internals (DSInternals) PowerShell Module and Framework

Project mention: recovering corrupted ad database | /r/activedirectory | 2023-05-17

Thirdly dsinternals suite can be used to resurrect domain controllers from the dead.. it works very well and is pretty easy - https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/New-ADDBRestoreFromMediaScript.md - the person who created this is nothing short of a wizard.

• Adalanche

  17 1,523 9.0 Go

  Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

Project mention: Active Directory ACL Visualizer and Explorer | news.ycombinator.com | 2024-01-30

• Windows-11-Guide

  24 1,241 8.5 C#

  Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources.

• PlumHound

  1 1,013 8.7 Python

  Bloodhound for Blue and Purple Teams

  

Project mention: Dealing with large BloodHound datasets | dev.to | 2023-12-06

Name Description Url BloodHound BloodHound GUI https://github.com/BloodHoundAD/BloodHound/ PlumHound Generate a report with actions to resolve the security flaws in the Active Directory configuration https://github.com/DefensiveOrigins/PlumHound/ GoodHound GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. https://github.com/idnahacks/GoodHound/ BlueHound Tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network. https://github.com/zeronetworks/BlueHound/

• Microsoft-eventlog-mindmap

  4 988 3.9

  Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

• ldapnomnom

  6 957 6.6 Go

  Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

• sam-the-admin

  4 955 0.0 Python

  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

• RustHound

  1 862 6.4 Rust

  Active Directory data collector for BloodHound written in Rust. 🦀

  

• pywerview

  1 837 7.1 Python

  A (partial) Python rewriting of PowerSploit's PowerView

• Pode

  40 769 8.3 PowerShell

  Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers

Project mention: HTTP server in powershell for Sharing files | /r/PowerShell | 2023-06-06

I use Pode for my little projects. One mocks the api's of a device for testing a module with out having the device exposed to the internet for GitHub actions. Pode also works well under Linux.

• OpenAM

  0 722 8.8 Java

  OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.

  

• LDAPmonitor

  1 711 5.0 C#

  Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

• Locksmith

  3 681 9.4 PowerShell

  A small tool built to find and fix common misconfigurations in Active Directory Certificate Services. (by TrimarcJake)

Project mention: Pentester PSA: Check your Active Directory Certificate Services (AD CS) For Vulnerabilities | /r/sysadmin | 2023-04-29

• PsMapExec

  1 651 9.3 PowerShell

  A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec

Project mention: PsMapExec - Active Directory and Windows Lateral Movement | /r/Infosec | 2023-10-21

• Minimalistic-offensive-security-tools

  3 510 0.0 PowerShell

  A repository of tools for pentesting of restricted and isolated environments.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

active-directory related posts

• Active Directory ACL Visualizer and Explorer
  1 project | news.ycombinator.com | 30 Jan 2024
• SSH-Snake: Automated SSH-Based Network Traversal
  5 projects | news.ycombinator.com | 5 Jan 2024
• Dealing with large BloodHound datasets
  11 projects | dev.to | 6 Dec 2023
• Open source vulnerability scanner
  2 projects | /r/cybersecurity | 5 Dec 2023
• Student 1 Year out from Grad overwhelmed
  1 project | /r/SecurityCareerAdvice | 16 Sep 2023
• DNS (Windows/AD) Health-Checks and/or Utilities to confirm no errors/issues?
  1 project | /r/sysadmin | 11 Jul 2023
• Migrating away from AD Binding: Challanges with Creating Accounts on Shared Macs
  2 projects | /r/macsysadmin | 27 Jun 2023
• A note from our sponsor - WorkOS
  workos.com | 24 Apr 2024

  The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com