PowerSploit - A PowerShell Post-Exploitation Framework

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Empire is a PowerShell and Python post-exploitation agent.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

Repository for my flipper zero badUSB payloads. Now almost entirely plug and play.

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetN…

This repository has been moved to https://codeberg.org/janikvonrotz/awesome-powershell. Please visit the new location for the latest updates.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Red Teaming Tactics and Techniques

Automation for internal Windows Penetrationtest / AD-Security

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

HardeningKitty and Windows Hardening Settings

A collection of scripts for assessing Microsoft Azure security

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to…

The goal of this repository is to document the most common techniques to bypass AppLocker.

Azure Security Resources and Notes

Adversary Tactics - PowerShell Training

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

hack5 badusb payloads moded for be played with flipper zero

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

Intranet penetration tools

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

BloodHound Attack Research Kit

Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.

PowerSCCM - PowerShell module to interact with SCCM deployments

A proof of concept on attack vectors against Active Directory by abusing Active Directory Certificate Services (ADCS)

Query user sessions for the entire domain (Interactive/RDP etc), allowing you to query a Username and see all their logged on sessions, whether Active or Disconnected

Collection of resources related to the Center for Threat-Informed Defense

Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement