Discover the top trending PowerShell repositories and projects on Github. Explore the latest trends in PowerShell development.

Trending Repositories

1

winutil

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates
🔥🔥🔥
2

Win11Debloat

A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.
🔥
3

runner-images

GitHub Actions runner images
📣
4

GOAD

game of active directory
⬆️
5

SpotX

Modified Spotify client. Blocks ads and updates, and more.
⬆️
6

windows-dev-box-setup-scripts

Scripts to simplify setting up a Windows developer box
⬆️
7

Scoop

A command-line installer for Windows.
⬆️
8

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
⬆️
9

WSL

Issues found on WSL
⬆️
10

selfhosted-apps-docker

Guide by Example
⬆️
11

Easy-GPU-PV

A Project dedicated to making GPU Partitioning on Windows easier!
⬆️
12

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
⬆️
13

core

.NET news, announcements, release notes, and more!
⬆️
14

kit-app-template

Omniverse Kit App Template
⬆️
15

BloodHound

Six Degrees of Domain Admin
⬆️
16

PwshSpectreConsole

👻 PwshSpectreConsole is an opinionated wrapper for the awesome Spectre.Console library
⬆️
17

Invoke-SessionHunter

Retrieve and display information about active user sessions on remote computers. No admin privileges required.
⬆️
18

Win-Debloat-Tools

These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.
⬆️
19

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
⬆️
20

TokenTactics

Azure JWT Token Manipulation Toolset
⬆️
21

SIEM

SIEM Tactics, Techiques, and Procedures
⬆️
22

Microsoft-Analyzer-Suite

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID
⬆️
23

PowerZure

PowerShell framework to assess Azure security
⬆️
24

sunshine-virtual-monitor

Scripts and instruction for automatically setting up a lone virtual monitor to stream from sunshine.
⬆️
25

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
⬆️
26

PS2EXE

Module to compile powershell scripts to executables
⬆️
27

PSFzf

A PowerShell wrapper around the fuzzy finder fzf
⬆️
28

ARI

Azure Resource Inventory - It's a Powerful tool to create EXCEL inventory from Azure Resources with low effort
⬆️
29

Microsoft

Scripts and tools for use with Microsoft products/technologies
⬆️
30

WinPwn

Automation for internal Windows Penetrationtest / AD-Security
⬆️
31

sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
⬆️
32

Windows-Optimize-Harden-Debloat

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
⬆️
33

PowerShell

500+ PowerShell scripts (.ps1) for every system!
⬆️
34

NetNTLMtoSilverTicket

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket
⬆️
35

PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
⬆️
36

Invoke-ADEnum

Automate Active Directory Enumeration
⬆️
37

pm2-installer

Install PM2 offline as a service on Windows or Linux. Mostly designed for Windows.
⬆️
38

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques
⬆️
39

MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services
⬆️
40

PowerShell

PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️
⬆️
41

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API
⬆️
42

ShellSweep

ShellSweeping the evil.
⬆️
43

ios-safari-remote-debug-kit

Remotely debugging iOS Safari on Windows and Linux
⬆️
44

Azure-MG-Sub-Governance-Reporting

Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.
⬆️
45

MonitorSwapAutomation

Automates swapping to a dummy plug when streaming, then automates swapping back to primary monitor once finished.
⬆️
46

BAADTokenBroker

⬆️
47

Azure-Red-Team

Azure Security Resources and Notes
⬆️
48

PowerHub

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
⬆️
49

Terminal-Icons

A PowerShell module to show file and folder icons in the terminal
⬆️
50

Ladon

Ladon大型内网渗透工具,可PowerShell模块化、可CS插件化、可内存加载,无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。Ladon 11.0内置234个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息,高危漏洞检测16个含MS17010、Zimbra、Exchange
⬆️
51

MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
⬆️
52

Office365itpros

Office 365 for IT Pros PowerShell examples
⬆️
53

tinytex-releases

Windows/macOS/Linux binaries and installation methods of TinyTeX
⬆️
54

ludus_sccm

An Ansible collection that installs an SCCM deployment with optional configurations.
⬆️
55

commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]
⬆️
56

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
⬆️
57

PowerRunAsSystem

Run application as system with interactive system process support (active Windows session)
⬆️
58

TokenTacticsV2

A fork of the great TokenTactics with support for CAE and token endpoint v2
⬆️
59

usbrubberducky-payloads

The Official USB Rubber Ducky Payload Repository
⬆️
60

Automated-MUlti-UAC-Bypass

Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022
⬆️
61

svg-explorer-extension

Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG files
⬆️
62

EntraOps

Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)
⬆️
63

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework
⬆️
64

Windows-Containers

This repository is offered for tracking features and issues with Windows Containers. The Windows Containers product team will monitor this repo in order to engage with our community and discuss questions, customer scenarios, or feature requests.
⬆️
65

GPOZaurr

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.
⬆️
66

PowerHuntShares

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.
⬆️
67

Extras

📦 The Extras bucket for Scoop.
⬆️
68

MSSprinkler

MSSprinkler is a password spraying utility for organizations to test their M365 accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, and provides verbose information related to accounts and tenant information.
⬆️
69

MicroBurst

A collection of scripts for assessing Microsoft Azure security
⬆️
70

ModulePath

PowerShell Module to get and set the primary PSModulePath config
⬆️
71

ScriptSentry

ScriptSentry finds misconfigured and dangerous logon scripts.
⬆️
72

BARK

BloodHound Attack Research Kit
⬆️
73

psgetsystem

getsystem via parent process using ps1 & embeded c#
⬆️
74

AMSI-BYPASS

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
⬆️
75

WHD

WHDownloader backup repo
⬆️
76

VMwareCloak

A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.
⬆️
77

Active_Directory_Advanced_Threat_Hunting

This repo is about Active Directory Advanced Threat Hunting
⬆️
78

M365Documentation

Automatic Microsoft 365 Documentation to simplify the life of admins and consultants.
⬆️
79

Statusimo

PowerShell Generated Status Page
⬆️
80

Windows10Debloater

Script to remove Windows 10 bloatware.
⬆️
81

Invoke-EDRChecker

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools.
⬆️
82

Powermad

PowerShell MachineAccountQuota and DNS exploit tools
⬆️
83

PoshFunctions

A curated collection of PowerShell scripts packaged into a module.
⬆️
84

PrivescCheck

Privilege Escalation Enumeration Script for Windows
⬆️
85

node-versions

Node builds for Actions Runner Images
⬆️
86

OSCP

OSCP Cheat Sheet
⬆️
87

posh-git

A PowerShell environment for Git
⬆️
88

AzureHunter

A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
⬆️
89

docker-github-runner-windows

This repository will run the self-hosted github actions runners for Windows with Visual Studio 2022 buildtools installed by default.
⬆️
90

Invoke-Everything

⬆️
91

WingetPathUpdater

Addresses winget-cli #549 by providing shell wrapper scripts to update your PATH.
⬆️
92

SessionGopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
⬆️
93

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
⬆️
94

monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
⬆️
95

PS-SFTA

PowerShell Set File Type Association
⬆️
96

DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
⬆️
97

WSL

Source code behind the Windows Subsystem for Linux documentation.
⬆️
98

TVerRec

TVerRecは、TVerの番組をダウンロード保存するためのダウンロード支援ツールです。番組のジャンルや出演タレント、番組名などを指定して一括ダウンロードする支援をします。CMは入っていないため気に入った番組を配信終了後も残しておくことができます。1回起動すれば新しい番組が配信される度にダウンロードされます。
⬆️
99

Rollback-Spotify

Downgrade Spotify and block update for Windows
⬆️
100

Chocolatey-for-wine

Chocolatey packagemanager automatic installer in wine, handy to install quickly programs in wine
⬆️