The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 active-directory Open-Source Projects
-
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
-
PowerShell
PowerShell functions and scripts (Azure, Active Directory, SCCM, SCSM, Exchange, O365, ...) (by lazywinadmin)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
AutomatedLab
AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
-
vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
-
Bonobo Git Server
Bonobo Git Server for Windows is a web application you can install on your IIS and easily manage and connect to your git repositories. Go to homepage for release and more info.
-
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
DeathStar
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
-
Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
-
Windows-11-Guide
Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources.
-
Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
-
ldapnomnom
Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
-
sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
-
Pode
Pode is a Cross-Platform PowerShell web framework for creating REST APIs, Web Sites, and TCP/SMTP servers
-
OpenAM
OpenAM is an open access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security.
-
LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
-
Locksmith
A small tool built to find and fix common misconfigurations in Active Directory Certificate Services. (by TrimarcJake)
-
Minimalistic-offensive-security-tools
A repository of tools for pentesting of restricted and isolated environments.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: Need help on powershell script to retry 5 times if failure | /r/PowerShell | 2023-06-25Lazy Admin - New-RandomPassword
I use OpenVas (on Kali) and PingCastle (on Windows).
At one he also mentions Vulnerable-AD, which might be helpful when learning how to identify and respond to AD attacks. This might give you an idea of what other areas/components to focus on with your projects. Good luck!
Project mention: SSH-Snake: Automated SSH-Based Network Traversal | news.ycombinator.com | 2024-01-05Here’s a similar project, but for windows AD networks
https://github.com/byt3bl33d3r/DeathStar
Thirdly dsinternals suite can be used to resurrect domain controllers from the dead.. it works very well and is pretty easy - https://github.com/MichaelGrafnetter/DSInternals/blob/master/Documentation/PowerShell/New-ADDBRestoreFromMediaScript.md - the person who created this is nothing short of a wizard.
Name Description Url BloodHound BloodHound GUI https://github.com/BloodHoundAD/BloodHound/ PlumHound Generate a report with actions to resolve the security flaws in the Active Directory configuration https://github.com/DefensiveOrigins/PlumHound/ GoodHound GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. https://github.com/idnahacks/GoodHound/ BlueHound Tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network. https://github.com/zeronetworks/BlueHound/
I use Pode for my little projects. One mocks the api's of a device for testing a module with out having the device exposed to the internet for GitHub actions. Pode also works well under Linux.
Project mention: Pentester PSA: Check your Active Directory Certificate Services (AD CS) For Vulnerabilities | /r/sysadmin | 2023-04-29
Project mention: PsMapExec - Active Directory and Windows Lateral Movement | /r/Infosec | 2023-10-21
active-directory related posts
- Active Directory ACL Visualizer and Explorer
- SSH-Snake: Automated SSH-Based Network Traversal
- Dealing with large BloodHound datasets
- Open source vulnerability scanner
- Student 1 Year out from Grad overwhelmed
- DNS (Windows/AD) Health-Checks and/or Utilities to confirm no errors/issues?
- Migrating away from AD Binding: Challanges with Creating Accounts on Shared Macs
-
A note from our sponsor - WorkOS
workos.com | 24 Apr 2024
Index
What are some of the best open-source active-directory projects? This list will help you:
Project | Stars | |
---|---|---|
1 | Active-Directory-Exploitation-Cheat-Sheet | 4,996 |
2 | PowerShell | 2,379 |
3 | pingcastle | 2,111 |
4 | AutomatedLab | 1,933 |
5 | vulnerable-AD | 1,862 |
6 | Bonobo Git Server | 1,786 |
7 | A-Red-Teamer-diaries | 1,670 |
8 | DeathStar | 1,564 |
9 | DSInternals | 1,529 |
10 | Adalanche | 1,523 |
11 | Windows-11-Guide | 1,241 |
12 | PlumHound | 1,013 |
13 | Microsoft-eventlog-mindmap | 988 |
14 | ldapnomnom | 957 |
15 | sam-the-admin | 955 |
16 | RustHound | 862 |
17 | pywerview | 837 |
18 | Pode | 769 |
19 | OpenAM | 722 |
20 | LDAPmonitor | 711 |
21 | Locksmith | 681 |
22 | PsMapExec | 651 |
23 | Minimalistic-offensive-security-tools | 510 |
Sponsored