Discover the top trending PowerShell repositories and projects on Github. Explore the latest trends in PowerShell development.
winutil
Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and UpdatesWin11Debloat
A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.runner-images
GitHub Actions runner imagesGOAD
game of active directorySpotX
Modified Spotify client. Blocks ads and updates, and more.windows-dev-box-setup-scripts
Scripts to simplify setting up a Windows developer boxScoop
A command-line installer for Windows.Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.WSL
Issues found on WSLselfhosted-apps-docker
Guide by ExampleEasy-GPU-PV
A Project dedicated to making GPU Partitioning on Windows easier!flare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.core
.NET news, announcements, release notes, and more!kit-app-template
Omniverse Kit App TemplateBloodHound
Six Degrees of Domain AdminPwshSpectreConsole
👻 PwshSpectreConsole is an opinionated wrapper for the awesome Spectre.Console libraryInvoke-SessionHunter
Retrieve and display information about active user sessions on remote computers. No admin privileges required.Win-Debloat-Tools
These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL ServerTokenTactics
Azure JWT Token Manipulation ToolsetSIEM
SIEM Tactics, Techiques, and ProceduresMicrosoft-Analyzer-Suite
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra IDPowerZure
PowerShell framework to assess Azure securitysunshine-virtual-monitor
Scripts and instruction for automatically setting up a lone virtual monitor to stream from sunshine.AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.PS2EXE
Module to compile powershell scripts to executablesPSFzf
A PowerShell wrapper around the fuzzy finder fzfARI
Azure Resource Inventory - It's a Powerful tool to create EXCEL inventory from Azure Resources with low effortMicrosoft
Scripts and tools for use with Microsoft products/technologiesWinPwn
Automation for internal Windows Penetrationtest / AD-SecuritysRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcodeWindows-Optimize-Harden-Debloat
Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.PowerShell
500+ PowerShell scripts (.ps1) for every system!NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver TicketPoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.Invoke-ADEnum
Automate Active Directory Enumerationpm2-installer
Install PM2 offline as a service on Windows or Linux. Mostly designed for Windows.RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and TechniquesMFASweep
A tool for checking if MFA is enabled on multiple Microsoft ServicesPowerShell
PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph APIShellSweep
ShellSweeping the evil.ios-safari-remote-debug-kit
Remotely debugging iOS Safari on Windows and LinuxAzure-MG-Sub-Governance-Reporting
Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.MonitorSwapAutomation
Automates swapping to a dummy plug when streaming, then automates swapping back to primary monitor once finished.BAADTokenBroker
Azure-Red-Team
Azure Security Resources and NotesPowerHub
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelistingTerminal-Icons
A PowerShell module to show file and folder icons in the terminalLadon
Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 11.0内置234个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、ExchangeMemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIROffice365itpros
Office 365 for IT Pros PowerShell examplestinytex-releases
Windows/macOS/Linux binaries and installation methods of TinyTeXludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+PowerRunAsSystem
Run application as system with interactive system process support (active Windows session)TokenTacticsV2
A fork of the great TokenTactics with support for CAE and token endpoint v2usbrubberducky-payloads
The Official USB Rubber Ducky Payload RepositoryAutomated-MUlti-UAC-Bypass
Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022svg-explorer-extension
Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG filesEntraOps
Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)PowerSploit
PowerSploit - A PowerShell Post-Exploitation FrameworkWindows-Containers
This repository is offered for tracking features and issues with Windows Containers. The Windows Containers product team will monitor this repo in order to engage with our community and discuss questions, customer scenarios, or feature requests.GPOZaurr
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.PowerHuntShares
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.Extras
📦 The Extras bucket for Scoop.MSSprinkler
MSSprinkler is a password spraying utility for organizations to test their M365 accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, and provides verbose information related to accounts and tenant information.MicroBurst
A collection of scripts for assessing Microsoft Azure securityModulePath
PowerShell Module to get and set the primary PSModulePath configScriptSentry
ScriptSentry finds misconfigured and dangerous logon scripts.BARK
BloodHound Attack Research Kitpsgetsystem
getsystem via parent process using ps1 & embeded c#AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASSWHD
WHDownloader backup repoVMwareCloak
A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.Active_Directory_Advanced_Threat_Hunting
This repo is about Active Directory Advanced Threat HuntingM365Documentation
Automatic Microsoft 365 Documentation to simplify the life of admins and consultants.Statusimo
PowerShell Generated Status PageWindows10Debloater
Script to remove Windows 10 bloatware.Invoke-EDRChecker
Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools.Powermad
PowerShell MachineAccountQuota and DNS exploit toolsPoshFunctions
A curated collection of PowerShell scripts packaged into a module.PrivescCheck
Privilege Escalation Enumeration Script for Windowsnode-versions
Node builds for Actions Runner ImagesOSCP
OSCP Cheat Sheetposh-git
A PowerShell environment for GitAzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365docker-github-runner-windows
This repository will run the self-hosted github actions runners for Windows with Visual Studio 2022 buildtools installed by default.Invoke-Everything
WingetPathUpdater
Addresses winget-cli #549 by providing shell wrapper scripts to update your PATH.SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.PS-SFTA
PowerShell Set File Type AssociationDomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!WSL
Source code behind the Windows Subsystem for Linux documentation.TVerRec
TVerRecは、TVerの番組をダウンロード保存するためのダウンロード支援ツールです。番組のジャンルや出演タレント、番組名などを指定して一括ダウンロードする支援をします。CMは入っていないため気に入った番組を配信終了後も残しておくことができます。1回起動すれば新しい番組が配信される度にダウンロードされます。Rollback-Spotify
Downgrade Spotify and block update for WindowsChocolatey-for-wine
Chocolatey packagemanager automatic installer in wine, handy to install quickly programs in winemicrosoft
C#, Python, TypeScriptdotnet
C#, PowerShell, TypeScriptMicrosoftDocs
PowerShell, C#, HTMLScoopInstaller
PowerShell, C#, TypeScriptChrisTitusTech
Shell, Lua, PowerShellSycnex
PowerShellmandiant
Python, C++, CAzure
C#, Python, TypeScriptPowerShellMafia
PowerShellsamratashok
PowerShell, PythonBloodHoundAD
C#, PowerShell, Pythonactions
TypeScript, JavaScript, PowerShellk8gege
Python, PowerShell, Rubydafthack
PowerShell, Python, PHPfarag2
PowerShell, VBScript, JavaScriptamd64fox
PowerShell, Batchfile, Pythondahlbyk
C#, PowerShell, JavaScriptEmpireProject
PowerShell, Java, JavaScriptEvotecIT
PowerShell, C#, HTMLNetSPI
Java, PowerShell, Pythondanielbohannon
PowerShellS3cur3Th1sSh1t
C#, PowerShell, NimMicrosoftLearning
PowerShell, C#, Jupyter NotebookW4RH4WK
C, C++, HTMLhak5
Shell, C, HTMLLove Open Source and this site? Check out how you can help us