Discover the top trending PowerShell repositories and projects on Github. Explore the latest trends in PowerShell development.

Trending Repositories

1

Win11Debloat

A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.
🔥🔥🔥
2

winutil

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates
🔥🔥🔥
3

runner-images

GitHub Actions runner images
⬆️
4

SpotX

Modified Spotify client. Blocks ads and updates, and more.
⬆️
5

Scoop

A command-line installer for Windows.
⬆️
6

GOAD

game of active directory
⬆️
7

selfhosted-apps-docker

Guide by Example
⬆️
8

WSL

Issues found on WSL
⬆️
9

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
⬆️
10

core

.NET news, announcements, release notes, and more!
⬆️
11

Easy-GPU-PV

A Project dedicated to making GPU Partitioning on Windows easier!
⬆️
12

Win-Debloat-Tools

These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.
⬆️
13

ShellSweep

ShellSweeping the evil.
⬆️
14

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
⬆️
15

windows-dev-box-setup-scripts

Scripts to simplify setting up a Windows developer box
⬆️
16

BARK

BloodHound Attack Research Kit
⬆️
17

BloodHound

Six Degrees of Domain Admin
⬆️
18

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
⬆️
19

posh-git

A PowerShell environment for Git
⬆️
20

Windows-Optimize-Harden-Debloat

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
⬆️
21

PwshSpectreConsole

👻 PwshSpectreConsole is an opinionated wrapper for the awesome Spectre.Console library
⬆️
22

AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365
⬆️
23

kit-app-template

Omniverse Kit App Template
⬆️
24

sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
⬆️
25

MicroBurst

A collection of scripts for assessing Microsoft Azure security
⬆️
26

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
⬆️
27

PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
⬆️
28

powershell-scripts

Office 365 Reporting PowerShell Scripts
⬆️
29

monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
⬆️
30

BAADTokenBroker

⬆️
31

Invoke-SessionHunter

Retrieve and display information about active user sessions on remote computers. No admin privileges required.
⬆️
32

RetrievIR

PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices.
⬆️
33

Fido

A PowerShell script to download Windows or UEFI Shell ISOs
⬆️
34

TokenTactics

Azure JWT Token Manipulation Toolset
⬆️
35

ARI

Azure Resource Inventory - It's a Powerful tool to create EXCEL inventory from Azure Resources with low effort
⬆️
36

PrivescCheck

Privilege Escalation Enumeration Script for Windows
⬆️
37

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques
⬆️
38

PSFzf

A PowerShell wrapper around the fuzzy finder fzf
⬆️
39

Invoke-ADEnum

Automate Active Directory Enumeration
⬆️
40

Invoke-Obfuscation

PowerShell Obfuscator
⬆️
41

Microsoft-Analyzer-Suite

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
⬆️
42

Windows-Containers

This repository is offered for tracking features and issues with Windows Containers. The Windows Containers product team will monitor this repo in order to engage with our community and discuss questions, customer scenarios, or feature requests.
⬆️
43

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
⬆️
44

MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services
⬆️
45

PowerShell

500+ PowerShell scripts (.ps1) for every system!
⬆️
46

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API
⬆️
47

Terminal-Icons

A PowerShell module to show file and folder icons in the terminal
⬆️
48

winfetch

🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.
⬆️
49

ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
⬆️
50

SIEM

SIEM Tactics, Techiques, and Procedures
⬆️
51

JAWS

JAWS - Just Another Windows (Enum) Script
⬆️
52

ludus_sccm

An Ansible collection that installs an SCCM deployment with optional configurations.
⬆️
53

Microsoft

Scripts and tools for use with Microsoft products/technologies
⬆️
54

SessionExec

Execute commands in other Sessions
⬆️
55

TokenTacticsV2

A fork of the great TokenTactics with support for CAE and token endpoint v2
⬆️
56

PowerZure

PowerShell framework to assess Azure security
⬆️
57

GDK

Microsoft Public GDK
⬆️
58

K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
⬆️
59

svg-explorer-extension

Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG files
⬆️
60

WindowsAppsUnfukker

PowerShell script to fix WindowsApps-related permission errors and crashes.
⬆️
61

securedworkstation

Intune managed Secured workstation
⬆️
62

ios-safari-remote-debug-kit

Remotely debugging iOS Safari on Windows and Linux
⬆️
63

GPOZaurr

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.
⬆️
64

PS2EXE

Module to compile powershell scripts to executables
⬆️
65

MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
⬆️
66

LSTAR

LSTAR - CobaltStrike 综合后渗透插件
⬆️
67

pm2-installer

Install PM2 offline as a service on Windows or Linux. Mostly designed for Windows.
⬆️
68

Testimo

Testimo is a PowerShell module for running health checks for Active Directory against a bunch of different tests
⬆️
69

cpp-docs

C++ Documentation
⬆️
70

usbrubberducky-payloads

The Official USB Rubber Ducky Payload Repository
⬆️
71

sunshine-virtual-monitor

Scripts and instruction for automatically setting up a lone virtual monitor to stream from sunshine.
⬆️
72

Office-365-Extractor

The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
⬆️
73

MotionPhoto2

Mux HEIC and JPG Live Photos into Google/Samsung Motion Photos
⬆️
74

Office365itpros

Office 365 for IT Pros PowerShell examples
⬆️
75

EntraOps

Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)
⬆️
76

Extras

📦 The Extras bucket for Scoop.
⬆️
77

Windows10Debloater

Script to remove Windows 10 bloatware.
⬆️
78

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework
⬆️
79

AwesomeCSV

🕶️A curated list of awesome tools for dealing with CSV.
⬆️
80

deno_install

Deno Binary Installer
⬆️
81

ConPtyShell

ConPtyShell - Fully Interactive Reverse Shell for Windows
⬆️
82

MonitorSwapAutomation

Automates swapping to a dummy plug when streaming, then automates swapping back to primary monitor once finished.
⬆️
83

ShellGen

PowerShell script to generate ShellCode in various formats
⬆️
84

Parsec-Cloud-Preparation-Tool

Launch Parsec enabled cloud computers via your own cloud provider account.
⬆️
85

MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
⬆️
86

ScriptSentry

ScriptSentry finds misconfigured and dangerous logon scripts.
⬆️
87

Chimera

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
⬆️
88

dorado

🐟 Yet Another bucket for lovely Scoop
⬆️
89

Maui.Onboarding

Docs, scripts, helpers, and more to configure your environment easily for .NET MAUI development
⬆️
90

powercat

netshell features all in version 2 powershell
⬆️
91

WHD

WHDownloader backup repo
⬆️
92

PowerShell-Red-Team

Collection of PowerShell functions a Red Teamer may use in an engagement
⬆️
93

iDRAC-Redfish-Scripting

Python and PowerShell scripting for Dell EMC PowerEdge iDRAC REST API with DMTF Redfish
⬆️
94

dbatools

🚀 SQL Server automation and instance migrations have never been safer, faster or freer
⬆️
95

ff2mpv

A Firefox/Chrome add-on for playing URLs in mpv.
⬆️
96

SessionGopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
⬆️
97

Automated-MUlti-UAC-Bypass

Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022
⬆️
98

windows-driver-docs

The official Windows Driver Kit documentation sources
⬆️
99

tinytex-releases

Windows/macOS/Linux binaries and installation methods of TinyTeX
⬆️
100

Ladon

Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 11.0内置234个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
⬆️