Skip to content

secureworks/whiskeysamlandfriends

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

WhiskeySAML and Friends

TicketsPlease

TicketsPlease: Python library to assist with the generation of Kerberos tickets, remote retrieval of ADFS configuration settings, generation of Golden SAML tokens, and retrieval of Azure Access Tokens.

WhiskeySAML

WhiskeySAML: Proof of concept tool for a Golden SAML attack with Remote ADFS Configuration Extraction. This tool leverages the TicketsPlease library.

ShockNAwe

ShockNAwe: Proof of concept tool to generate a Golden SAML token that will be used to request an Access Token from Azure Core Management which will then be used to enumerate and attack the virtual machines within the Azure subscription.

DirectWave

DirectWave: Proof of concept tool to enumerate and execute commands on all Azure tenant Virual Machines when an Azure Core Management Access Token is supplied by the tool operator.

About

GoldenSAML Attack Libraries and Framework

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published