Six Degrees of Domain Admin

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Red Teaming Tactics and Techniques

Automation for internal Windows Penetrationtest / AD-Security

My musings with PowerShell

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

netshell features all in version 2 powershell

Re-play Security Events

Azure Security Resources and Notes

CobaltStrike后渗透测试插件

Windows Exploits

Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)

PowerShell ReverseTCP Shell - Framework

Various PowerShell scripts that may be useful during red team exercise

Powershell Based tool for gathering information related to O365 intrusions and potential Breaches

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365

A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)

Understand adversary tradecraft and improve detection strategies

Azure JWT Token Manipulation Toolset

Tricks for penetration testing

Powershell C2 Server and Implants

Invoke Command As System/Interactive/GMSA/User on Local/Remote machine & returns PSObjects.

Aggressor scripts I've made for Cobalt Strike

Cobalt Strike插件 - RDP日志取证&清除

Extract stored credentials from Internet Explorer and Edge

Use powershell to list the RDP Connections History of logged-in users or all users