o365-attack-toolkit
The o365-attack-toolkit is a collection of tools and scripts designed to attack and exploit vulnerabilities in Office365. It provides a range of features and functionalities to simulate attacks, test defenses, and identify weaknesses in Office365 environments. The toolkit includes tools for password spraying, password cracking, and token manipulation, as well as scripts for exploiting vulnerabilities in Office365 APIs and services. It also provides features for reconnaissance, enumeration, and data exfiltration. The o365-attack-toolkit is a powerful tool for penetration testers, red teams, and security professionals to test the security of Office365 environments and identify vulnerabilities that need to be addressed.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A practical guide on NTLM relaying for Active Directory attacks.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
Tool for exploiting Sixnet RTUs to gain root level access with little effort.
A unified repository for different Metasploit Framework payloads.
Open-source Java application for creating proxies for traffic analysis & modification.
A free online wargame for practicing hacking skills and learning security concepts.
A Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
A comprehensive guide for customizing Cobalt Strike's C2 profiles to enhance stealth and operational security.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.