Starred repositories
94
stars
written in PowerShell
Clear filter
PowerSploit - A PowerShell Post-Exploitation Framework
Six Degrees of Domain Admin
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
Empire is a PowerShell and Python post-exploitation agent.
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…
BC-SECURITY / Empire
Forked from EmpireProject/EmpireEmpire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
Red Teaming Tactics and Techniques
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
AADInternals PowerShell module for administering Azure AD and Office 365
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
PowerShell MachineAccountQuota and DNS exploit tools
Dominate Active Directory with PowerShell.
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
Exploit the credentials present in files and memory
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
Socks proxy, and reverse socks server using powershell.
retrieve information via O365 and AzureAD with a valid cred
My Notes about Penetration Testing
PEN-300 collection to help you on your exam.
Awesome list of keywords and artifacts for Threat Hunting sessions
A repository of tools for pentesting of restricted and isolated environments.