PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Identifies the bytes that Microsoft Defender flags on.

Active Directory certificate abuse.

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

SharpUp is a C# port of various PowerUp functionality.

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

C# Data Collector for BloodHound

C# implementation of harmj0y's PowerView

Framework for Kerberos relaying

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.

StandIn is a small .NET35/45 AD post-exploitation toolkit

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel

A C# utility for interacting with SCCM

Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework

A tool to help query AD via the LDAP protocol

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.

Managing permissions with PowerShell is only a bit easier than in VBS or the command line as there are no cmdlets for most day-to-day tasks like getting a permission report or adding permission to …