Skip to content
View ricardojoserf's full-sized avatar
:shipit:
Ship it!
:shipit:
Ship it!
547 followers · 39 following

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Starstruckx3Achievement: Pull SharkAchievement: Arctic Code Vault Contributor

Block or report ricardojoserf

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

54 stars written in PowerShell
Clear filter

Raphire / Win11Debloat

A simple, lightweight PowerShell script to remove pre-installed apps, disable telemetry, as well as perform various other changes to customize, declutter and improve your Windows experience. Win11D…

PowerShell 38,949 1,520 Updated Feb 4, 2026

SpecterOps / BloodHound-Legacy

Six Degrees of Domain Admin

PowerShell 10,532 1,790 Updated Aug 1, 2025

samratashok / nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

PowerShell 9,726 2,550 Updated Apr 25, 2024

EmpireProject / Empire

Empire is a PowerShell and Python post-exploitation agent.

PowerShell 7,792 2,921 Updated Jan 19, 2020

mandiant / commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

PowerShell 7,525 1,344 Updated Oct 16, 2025

mantvydasb / RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

PowerShell 4,484 1,128 Updated Aug 22, 2024

itm4n / PrivescCheck

Privilege Escalation Enumeration Script for Windows

PowerShell 3,677 501 Updated Jan 30, 2026

dafthack / MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

PowerShell 3,202 600 Updated Aug 7, 2025

NetSPI / PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

PowerShell 2,680 480 Updated Dec 12, 2024

monoxgas / sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

PowerShell 2,494 500 Updated Nov 15, 2023

Cloud-Architekt / AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

PowerShell 2,465 360 Updated Dec 31, 2025

besimorhino / powercat

netshell features all in version 2 powershell

PowerShell 2,351 497 Updated Mar 5, 2024

NetSPI / MicroBurst

A collection of scripts for assessing Microsoft Azure security

PowerShell 2,298 336 Updated Oct 29, 2025

PhrozenIO / PowerRemoteDesktop

Remote Desktop entirely coded in PowerShell.

PowerShell 2,224 262 Updated Aug 1, 2024

dafthack / DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…

PowerShell 2,005 411 Updated Jul 11, 2024

rasta-mouse / Sherlock

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

PowerShell 1,983 414 Updated Oct 10, 2018

411Hall / JAWS

JAWS - Just Another Windows (Enum) Script

PowerShell 1,913 327 Updated Apr 19, 2021

Kevin-Robertson / Invoke-TheHash

PowerShell Pass The Hash Utils

PowerShell 1,713 310 Updated Dec 9, 2018

tokyoneon / Chimera

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

PowerShell 1,567 254 Updated Nov 9, 2021

Kevin-Robertson / Powermad

PowerShell MachineAccountQuota and DNS exploit tools

PowerShell 1,426 188 Updated Jan 11, 2023

Arvanaghi / SessionGopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be r…

PowerShell 1,308 174 Updated Nov 22, 2022

DanMcInerney / icebreaker

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

PowerShell 1,193 163 Updated Oct 24, 2018

antonioCoco / ConPtyShell

ConPtyShell - Fully Interactive Reverse Shell for Windows

PowerShell 1,183 176 Updated Jan 20, 2023

curi0usJack / luckystrike

A PowerShell based utility for the creation of malicious Office macro documents.

PowerShell 1,111 243 Updated Nov 3, 2017

leoloobeek / LAPSToolkit

Tool to audit and attack LAPS environments

PowerShell 925 129 Updated Jan 31, 2018

NotMedic / NetNTLMtoSilverTicket

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

PowerShell 924 120 Updated Jul 26, 2021

nyxgeek / o365recon

retrieve information via O365 and AzureAD with a valid cred

PowerShell 730 106 Updated Aug 14, 2022

cfalta / adsec

An introduction to Active Directory security

PowerShell 654 87 Updated Aug 22, 2022

GoFetchAD / GoFetch

GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.

PowerShell 634 99 Updated Jun 20, 2017

nccgroup / azucar

Security auditing tool for Azure environments

PowerShell 585 114 Updated Nov 4, 2022
Next