PowerShell for every system!

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

A manager for game achievements in Steam.

Trying to tame the three-headed dog.

Covenant is a collaborative .NET C2 framework for red teamers.

Steam depot downloader utilizing the SteamKit2 library.

Identifies the bytes that Microsoft Defender flags on.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

More than a ReClass port to the .NET platform.

Directory Services Internals (DSInternals) PowerShell Module and Framework

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Collection of Offensive C# Tooling

A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.

Kernel mode WinDbg extension and PoCs for token privilege investigation.

Loads any C# binary in mem, patching AMSI + ETW.

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.

.NET 4.0 CLR Project to retrieve Chromium data, such as cookies, history and saved logins.

Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel

SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.

Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.