Skip to content
View onecloudemoji's full-sized avatar
🖕
🖕
42 followers · 11 following

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Starstruck

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Starstruck

Block or report onecloudemoji

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Lists (15)

Sort Name ascending (A-Z)
Sort by
Name ascending (A-Z) Name descending (Z-A) Newest Oldest Last updated

Stars

27 stars written in PowerShell
Clear filter

Cloud-Architekt / AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

PowerShell 2,403 352 Updated Oct 16, 2025

cisagov / ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

PowerShell 2,340 328 Updated Nov 5, 2025

NetSPI / MicroBurst

A collection of scripts for assessing Microsoft Azure security

PowerShell 2,262 335 Updated Oct 29, 2025

rootsecdev / Azure-Red-Team

Azure Security Resources and Notes

PowerShell 1,622 215 Updated Jul 7, 2025

dafthack / MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services

PowerShell 1,582 220 Updated Mar 4, 2025

jakehildreth / Locksmith

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

PowerShell 1,364 129 Updated Oct 29, 2025

dafthack / GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

PowerShell 1,221 144 Updated Jul 22, 2025

silverhack / monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

PowerShell 1,203 134 Updated Sep 5, 2025

Azure / SimuLand

Understand adversary tradecraft and improve detection strategies

PowerShell 713 80 Updated Mar 9, 2023

Semperis / EntraGoat

A deliberately vulnerable Microsoft Entra ID environment. Learn identity security through hands-on, realistic attack challenges.

PowerShell 619 68 Updated Oct 19, 2025

techspence / ScriptSentry

ScriptSentry finds misconfigured and dangerous logon scripts.

PowerShell 607 54 Updated Dec 20, 2024

Marshall-Hallenbeck / red_team_attack_lab

Red Team Attack Lab for TTP testing & research

PowerShell 580 77 Updated May 15, 2023

ubeeri / Invoke-UserSimulator

Simulates common user behaviour on local and remote Windows hosts.

PowerShell 281 37 Updated Apr 29, 2018

CompassSecurity / EntraFalcon

A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged objects, risky assignments, and potential misconfigurations.

PowerShell 276 21 Updated Sep 28, 2025

LuemmelSec / APEX

Azure Post Exploitation Framework

PowerShell 241 20 Updated Oct 27, 2025

andreisss / Ghosting-AMSI

Ghosting-AMSI

PowerShell 219 36 Updated Apr 24, 2025

ajm4n / DLLHound

Find potential DLL Sideloads on your windows computer

PowerShell 216 22 Updated Jan 12, 2025

api0cradle / PowerAL

A Powershell module that helps you identify AppLocker weaknesses

PowerShell 169 26 Updated Feb 11, 2020

zh54321 / PoCEntraDeviceComplianceBypass

Simple pure PowerShell POC to bypass Entra / Intune Compliance Conditional Access Policy

PowerShell 162 14 Updated Feb 23, 2025

LuccaSA / PingCastle-Notify

Monitor your PingCastle scans to highlight the rule diff between two scans

PowerShell 152 24 Updated Oct 9, 2025

dahvidschloss / CRASH

Completely Risky Active-Directory Simulation Hub

PowerShell 103 4 Updated Nov 21, 2023

Sam0x90 / CTI

Repo containing various intel-based resources such as threat research, adversary emulation/simulation plan and so on

PowerShell 83 5 Updated Apr 27, 2024

dahvidschloss / PILOT

Ping-based Information Lookup and Outbound Transfer

PowerShell 79 7 Updated Apr 16, 2024

bitsadmin / lofl

Living Off the Foreign Land setup scripts

PowerShell 72 16 Updated Feb 26, 2025

dmcxblue / AzureStrike

An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations

PowerShell 60 6 Updated Aug 18, 2025

raskolnikov90 / LainAmsiOpenSession

Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll

PowerShell 44 11 Updated Jun 16, 2025

rubenformation / CVE-2025-50154

POCs for CVE-2025-50154 and CVE-2025-59214, zero day vulnerabilities on windows file explorer disclosing NTLMv2-SSP without user interaction. It is a bypass for the CVE-2025-24054 Security Patch

PowerShell 39 10 Updated Oct 16, 2025