Discover the top trending PowerShell repositories and projects on Github. Explore the latest trends in PowerShell development.
sudo
It's sudo, for Windowswinutil
Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updatesrunner-images
GitHub Actions runner imagesWin11Debloat
A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.core
Home repository for .NET CoreScoop
A command-line installer for Windows.Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation CookbookWSL
Issues found on WSLWin-Debloat-Tools
These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.Easy-GPU-PV
A Project dedicated to making GPU Partitioning on Windows easier!SpotX
Modified Spotify client. Blocks ads and updates, and more.Automated-MUlti-UAC-Bypass
Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022flare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.Main
📦 The default bucket for Scoop.svg-explorer-extension
Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG filesClient-Checker
365Inspect
A PowerShell script that automates the security assessment of Microsoft Office 365 environments.BloodHound
Six Degrees of Domain AdminPowerShellAIAssistant
Enhance PowerShell scripting with AI using PowerShell AI Assistant module.PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_mortecommando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]TokenTactics
Azure JWT Token Manipulation Toolsetposh-git
A PowerShell environment for GitM365Documentation
Automatic Microsoft 365 Documentation to simplify the life of admins and consultants.HardeningKitty
HardeningKitty - Checks and hardens your Windows configurationselfhosted-apps-docker
Guide by ExamplePowerSploit
PowerSploit - A PowerShell Post-Exploitation FrameworkAzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph APIPowerShell
500+ PowerShell scripts (.ps1) for every system!usbrubberducky-payloads
The Official USB Rubber Ducky Payload RepositoryWinPwn
Automation for internal Windows Penetrationtest / AD-SecurityBARK
BloodHound Attack Research KitSophia-Script-for-Windows
⚡ The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.ios-safari-remote-debug-kit
Remotely debugging iOS Safari on Windows and LinuxRedTeaming-Tactics-and-Techniques
Red Teaming Tactics and TechniquesARI
Azure Resource Inventory - It's a Powerful tool to create EXCEL inventory from Azure Resources with low effortEventViewer-UACBypass
🍊 Orange Tsai EventViewer RCEDomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!sRDI
Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcodelando
A development tool for all your projects that is fast, easy, powerful and liberatingGDK
Microsoft Public GDKFido
A PowerShell script to download Windows or UEFI Shell ISOsResolutionAutomation
Automates changing the host resolution to match the client resolution of Moonlight, with capabilities of supersampling if requiredInvoke-Obfuscation
PowerShell Obfuscatorcobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+psgetsystem
getsystem via parent process using ps1 & embeded c#Microsoft-Analyzer-Suite
A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra IDPSFzf
A PowerShell wrapper around the fuzzy finder fzfpowercat
netshell features all in version 2 powershellinvoke-atomicredteam
Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team project.php-windows-builder
Tooling to build PHP on WindowsPowerShell-WSL-Interop
Integrate Linux commands into Windows with PowerShell and the Windows Subsystem for Linux (WSL).Azure-Verified-Modules
Azure Verified Modules (AVM) is an initiative to consolidate and set the standards for what a good Infrastructure-as-Code module looks like. Modules will then align to these standards, across languages (Bicep, Terraform etc.) and will then be classified as AVMs and available from their respective language specific registries.JAWS
JAWS - Just Another Windows (Enum) ScriptMFASweep
A tool for checking if MFA is enabled on multiple Microsoft ServicesBadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.PrimaryConstructorAnalyzer
Detect mutations for primary constructor parameterspyenv-win-venv
A CLI to manage virtual envs with pyenv-winCVE-2021-34527
ps-evm
High-performance EVM implementation written in modern PowerShell language.Creds
Some usefull Scripts and Executables for Pentest & ForensicsLME
Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.AwesomeCSV
🕶️A curated list of awesome tools for dealing with CSV.Windows-Sandbox-Utilities
A public repository for useful developments surrounding Windows Sandboxcorecycler
Stability test script for PBO & Curve Optimizer stability testing on AMD Ryzen processorsConvertOneNote2MarkDown
Ready to make the step to Markdown and saying farewell to your OneNote, EverNote or whatever proprietary note taking tool you are using? Nothing beats clear text, right? Read on!aspire-mobile
.NET Aspire support for .NET MAUI and other mobile clientsMSIdentityTools
Repository for the Microsoft Identity Tools PowerShell module which provides various tools for performing enhanced Identity administration activities.scripts
Public library of scripts maintained by Ironman Software.PowerParse
PowerShell PE ParserAmsi_Bypass_In_2023
Amsi Bypass payload that works on Windwos 11Microsoft-Extractor-Suite
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.Onion-Desktop-Tools
A software to install and configure Onion OS for Miyoo MiniDCToolbox
Tools for Microsoft cloud fansADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.psutils
Command line utilities written in PowershellInvoke-DHCPCheckup
ShellSweep
ShellSweeping the evil.GamingPCSetup
A research and evidence based approach to optimizing your gaming PC, configuration and setup. Recommendations found in this guide are based on curated reputable technical references, and personal research.PSWriteHTML
PSWriteHTML is PowerShell Module to generate beautiful HTML reports, pages, emails without any knowledge of HTML, CSS or JavaScript. To get started basics PowerShell knowledge is required.windows-development-environment
🔭 Turning Windows into an environment ready for modern developmentAzure-Red-Team
Azure Security Resources and Notesphysmem_drivers
A collection of various vulnerable (mostly physical memory exposing) drivers.Pester
Pester is the ubiquitous test and mock framework for PowerShell.xcyclopedia
Encyclopedia for Executablesazucar
Security auditing tool for Azure environmentsGPOZaurr
Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.Windows-Optimize-Harden-Debloat
Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.K8tools
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)NetNTLMtoSilverTicket
SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver TicketPowermad
PowerShell MachineAccountQuota and DNS exploit toolsPSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.exchange-penetration-testing
The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)PwshSpectreConsole
👻 PwshSpectreConsole is an opinionated wrapper for the awesome Spectre.Console libraryPowerHuntShares
PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.microsoft
C#, Python, TypeScriptdotnet
C#, PowerShell, TypeScriptMicrosoftDocs
PowerShell, C#, HTMLScoopInstaller
PowerShell, C#, TypeScriptSycnex
PowerShellChrisTitusTech
Shell, Lua, PowerShellmandiant
Python, C, C++Azure
C#, Python, TypeScriptPowerShellMafia
PowerShellsamratashok
PowerShell, PythonBloodHoundAD
C#, PowerShell, HTMLk8gege
Python, PowerShell, Rubyactions
TypeScript, JavaScript, PowerShelldafthack
PowerShell, Python, PHPfarag2
PowerShell, VBScript, JavaScriptamd64fox
PowerShell, Python, HTMLdahlbyk
C#, PowerShell, JavaScriptEmpireProject
PowerShell, JavaScript, JavaS3cur3Th1sSh1t
C#, PowerShell, NimMicrosoftLearning
PowerShell, C#, Jupyter NotebookEvotecIT
PowerShell, C#, HTMLW4RH4WK
C, C++, HTMLNetSPI
Java, PowerShell, Pythondanielbohannon
PowerShellhak5
Shell, C, PowerShellLove Open Source and this site? Check out how you can help us