Script to remove Windows 10 bloatware.

PowerSploit - A PowerShell Post-Exploitation Framework

This repository has been moved to https://codeberg.org/janikvonrotz/awesome-powershell. Please visit the new location for the latest updates.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

PowerShell script for automation of routine tasks done after fresh installations of Windows 10 / Server 2016 / Server 2019

Automation for internal Windows Penetrationtest / AD-Security

Pester is the ubiquitous test and mock framework for PowerShell.

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

A repository of sysmon configuration modules

PowerShell functions and scripts (Azure, Active Directory, SCCM, SCSM, Exchange, O365, ...)

A PowerShell module to show file and folder icons in the terminal

A PowerShell script to download Windows or UEFI Shell ISOs

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

HardeningKitty and Windows Hardening Settings

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

Automation to assess the state of your M365 tenant against CISA's baselines

Remote Desktop entirely coded in PowerShell.

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to…

Re-play Security Events

A Powershell incident response framework

A tool for checking if MFA is enabled on multiple Microsoft Services

A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

🔧 🔨 A set of PowerShell functions you might use to enhance your own functions and scripts or to facilitate working in the console. Most should work in both Windows PowerShell and PowerShell 7, even…

Microsoft signed ActiveDirectory PowerShell module

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.