Discover the top trending PowerShell repositories and projects on Github. Explore the latest trends in PowerShell development.
Win11Debloat
A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.winutil
Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updatesrunner-images
GitHub Actions runner imagesWin-Debloat-Tools
These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.gcopy
A clipboard synchronization tool that based on Git.Scoop
A command-line installer for Windows.AMSI-BYPASS
"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASSSpotX
Modified Spotify client. Blocks ads and updates, and more.WSL
Issues found on WSLcore
.NET news, announcements, release notes, and more!ResolutionAutomation
Automates changing the host resolution to match the client resolution of Moonlight, with capabilities of supersampling if requiredPrivescCheck
Privilege Escalation Enumeration Script for WindowsScriptSentry
ScriptSentry finds misconfigured and dangerous logon scripts.selfhosted-apps-docker
Guide by ExampleGOAD
game of active directoryInvoke-DumpMDEConfig
PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required )BloodHound
Six Degrees of Domain AdminInvoke-ADEnum
Automate Active Directory Enumeration using PowerViewEasy-GPU-PV
A Project dedicated to making GPU Partitioning on Windows easier!ADeleginator
A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directoryflare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbookwindows_hardening
HardeningKitty and Windows Hardening settings and configurationsMisconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.psgetsystem
getsystem via parent process using ps1 & embeded c#Microsoft-Analyzer-Suite
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra IDsRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcodewin32
Public mirror for win32-prSophia-Script-for-Windows
⚡ The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.VirtualGHOST
VirtualGHOST Detection ToolPowerShell
500+ PowerShell scripts (.ps1) for every system!Amnesiac
Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environmentsPowerSploit
PowerSploit - A PowerShell Post-Exploitation FrameworkPingCastle-Notify
Monitor your PingCastle scans to highlight the rule diff between two scansRedTeaming-Tactics-and-Techniques
Red Teaming Tactics and TechniquesJAWS
JAWS - Just Another Windows (Enum) ScriptADFSDump-PS
PowerShell Implementation of ADFSDump to assist with GoldenSAMLAzure-Red-Team
Azure Security Resources and NotesMonitorSwapAutomation
Automates swapping to a dummy plug when streaming, then automates swapping back to primary monitor once finished.GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph APIwireshark-rdp
Wireshark RDP resourcesposh-git
A PowerShell environment for GitMSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.muOS-Artwork
MicroBurst
A collection of scripts for assessing Microsoft Azure securityAzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.AzureADAssessment
Tooling for assessing an Azure AD tenant state and configurationludus_sccm
An Ansible collection that installs an SCCM deployment with optional configurations.vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local labfuegoshell
Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445red_team_attack_lab
Red Team Attack Lab for TTP testing & researchpm2-installer
Install PM2 offline as a service on Windows or Linux. Mostly designed for Windows.winfetch
🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.Chimera
Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.yingji
应急相关内容积累Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.move-wsl
Easily move your WSL distros VHDX file to a new location.Terminal-Icons
A PowerShell module to show file and folder icons in the terminalcorecycler
Stability test script for PBO & Curve Optimizer stability testing on AMD Ryzen processorsOffensiveReverseShellCheatSheet
Collection of reverse shells for red team operations.Copilot-For-Security
Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principlesusbrubberducky-payloads
The Official USB Rubber Ducky Payload RepositoryMemProcFS-Analyzer
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIRkit-app-template
Omniverse Kit App TemplatepsDrugWars
psDrugWars: A ridiculous PowerShell-based game inspired by 'Drug Wars'. 💉💰👮Run-in-Sandbox
Run PS1, VBS, CMD, EXE, MSI, Intunewin, MSIX, or extract ISO, ZIP in Windows Sandbox very quickly just from a right-clickOffice365itpros
Office 365 for IT Pros PowerShell examplesfinops-toolkit
Open, extensible, and scalable platform for cost analytics, insights, and optimization.PS-SFTA
PowerShell Set File Type AssociationConPtyShell
ConPtyShell - Fully Interactive Reverse Shell for WindowsAADInternals
AADInternals PowerShell module for administering Azure AD and Office 365PowerSharpPack
PSDuckDB
PSDuckDB is a PowerShell module that provides seamless integration with DuckDB, enabling efficient execution of analytical SQL queries directly from the PowerShell environment.PowerShell-Yayaml
A YAML parser and writer that uses an Assembly Load Context on PowerShell 7+WinPwn
Automation for internal Windows Penetrationtest / AD-SecurityPowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Serverwindowsterminal-shell
Install/uninstall scripts for Windows Terminal context menu itemssvg-explorer-extension
Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG filesNVIDIA-patcher
Adds 3D acceleration support for mining cardsInvoke-SessionHunter
Retrieve and display information about active user sessions on remote computers. No admin privileges required.TokenTactics
Azure JWT Token Manipulation Toolsetdiscover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.winget-command-not-found
WinGet Command Not Found is a PowerShell 7 module to help you install missing packages. With this module, you will be recommended relevant WinGet packages whenever an unrecognized command is entered.AutoHDRSwitch
Automates turning off HDR on host if the Moonlight client is asking for an SDR stream.monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.Versions
📦 A Scoop bucket for alternative versions of apps.dataverse-http-file-samples
Creds
Some usefull Scripts and Executables for Pentest & ForensicsBurntToast
Module for creating and displaying Toast Notifications on Microsoft Windows 10.powershell-scripts
Office 365 Reporting PowerShell ScriptsAZ-104-MicrosoftAzureAdministrator
AZ-104 Microsoft Azure AdministratorPSVirtualDesktop
VirtualDesktop is a Powershell module that provides commandlets to manage virtual desktops of Windows 10.Invoke-Stealth
Simple & Powerful PowerShell Script ObfuscatorMailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver TicketProtectMyTooling
Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.BadZure
BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+powerBTremover
Simple powershell script to remove stubborn Bluetooth devicesmicrosoft
C#, Python, TypeScriptdotnet
C#, PowerShell, TypeScriptMicrosoftDocs
PowerShell, C#, HTMLScoopInstaller
PowerShell, C#, HTMLChrisTitusTech
Shell, PowerShell, LuaSycnex
PowerShellmandiant
Python, C, C++Azure
C#, Python, TypeScriptPowerShellMafia
PowerShellsamratashok
PowerShell, PythonBloodHoundAD
C#, PowerShell, HTMLk8gege
Python, PowerShell, Rubyactions
TypeScript, JavaScript, PowerShelldafthack
PowerShell, Python, C#farag2
PowerShell, VBScript, JavaScriptamd64fox
PowerShell, HTML, Batchfiledahlbyk
C#, PowerShell, JavaScriptEmpireProject
PowerShell, JavaScript, PythonEvotecIT
PowerShell, C#, HTMLS3cur3Th1sSh1t
C#, PowerShell, NimMicrosoftLearning
C#, PowerShell, Jupyter NotebookNetSPI
Java, PowerShell, Pythondanielbohannon
PowerShellW4RH4WK
C, C++, HTMLhak5
Shell, C, HTMLLove Open Source and this site? Check out how you can help us