Active Directory & Windows

Active Directory attack workflow: enumeration, Kerberoasting, AS-REP roasting, credential dumping, and lateral movement on authorized engagements.

Map Active Directory attack paths from SharpHound/SharpHound data collectors.

Swiss-army SMB/WinRM/LDAP/MSSQL tool for AD enumeration and credential testing.

WinRM shell and file transfer for post-exploitation on Windows hosts.

Python toolkit for SMB, Kerberos, and Windows protocol attacks.

Fast Kerberos user enumeration and password spraying without LDAP.

Dump and HTML-report Active Directory LDAP data for offline review.

Windows credential extraction and Kerberos manipulation (lab-only).

Modern CrackMapExec successor for AD protocol abuse and automation.

Kerberos abuse toolkit for ticket requests, roasting, and delegation attacks.