PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

One Remote Access Manager to Rule Them All

Trying to tame the three-headed dog.

Network Analysis Tool

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Identifies the bytes that Microsoft Defender flags on.

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade t…

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

Run PowerShell with rundll32. Bypass software restrictions.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

PowerShell Runspace Post Exploitation Toolkit

PowerForensics provides an all in one platform for live disk forensic analysis

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A tool to download all Pwned Passwords hash ranges and save them offline so they can be used without a dependency on the k-anonymity API

A tool to elevate privilege with Windows Tokens

PowerShell rebuilt in C# for Red Teaming purposes

PowerShell Module for automating tasks on remote systems using SSH

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

StandIn is a small .NET35/45 AD post-exploitation toolkit

A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.

SharpWMI is a C# implementation of various WMI functionality.

Dump Azure AD Connect credentials for Azure AD and Active Directory