Security Operations for Active Directory
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management. Task: Active Directory
Browse 14 security tools
Subscription-based enterprise red team simulation labs with AD focus.
Active Directory deception technology for threat detection and response
AI-powered deception platform for early APT and advanced threat detection
Credential-based deception platform that lures attackers to capture stolen creds
AI-powered deception platform using honeypots to detect & disrupt attacks
XDR platform with NDR, EDR, deception, AD security, and CNAPP capabilities
GraphSpy is a browser-based post-exploitation tool for Azure Active Directory and Office 365 environments that enables token management, reconnaissance, and interaction with Microsoft 365 services.
CloudCopy implements a cloud version of the Shadow Copy attack to extract domain user hashes from AWS-hosted domain controllers by creating and mounting volume snapshots.
A powerful tool for extracting passwords and performing various Windows security operations.
PlumHound is a reporting engine that converts BloodHoundAD's Neo4J queries into operational security reports for analyzing Active Directory vulnerabilities and attack paths.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
PwnAuth is an open-source tool for generating and managing authentication tokens across multiple protocols, designed for penetration testing and red team exercises.
A library for accessing and parsing Extensible Storage Engine (ESE) Database Files used by Microsoft applications like Windows Search, Exchange, and Active Directory for forensic analysis purposes.