Discover PowerShell

1

winutil

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates

🔥🔥🔥

2

Win11Debloat

A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.

🔥🔥

3

runner-images

GitHub Actions runner images

📣

4

GOAD

game of active directory

⬆️

5

SpotX

Modified Spotify client. Blocks ads and updates, and more.

⬆️

6

Scoop

A command-line installer for Windows.

⬆️

7

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

⬆️

8

windows-dev-box-setup-scripts

Scripts to simplify setting up a Windows developer box

⬆️

9

selfhosted-apps-docker

Guide by Example

⬆️

10

WSL

Issues found on WSL

⬆️

11

Easy-GPU-PV

A Project dedicated to making GPU Partitioning on Windows easier!

⬆️

12

BARK

BloodHound Attack Research Kit

⬆️

13

PwshSpectreConsole

👻 PwshSpectreConsole is an opinionated wrapper for the awesome Spectre.Console library

⬆️

14

core

.NET news, announcements, release notes, and more!

⬆️

15

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

⬆️

16

BloodHound

Six Degrees of Domain Admin

⬆️

17

AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365

⬆️

18

Win-Debloat-Tools

These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.

⬆️

19

Invoke-SessionHunter

Retrieve and display information about active user sessions on remote computers. No admin privileges required.

⬆️

20

ShellSweep

ShellSweeping the evil.

⬆️

21

kit-app-template

Omniverse Kit App Template

⬆️

22

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

⬆️

23

BAADTokenBroker

⬆️

24

Microsoft

Scripts and tools for use with Microsoft products/technologies

⬆️

25

MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services

⬆️

26

TokenTactics

Azure JWT Token Manipulation Toolset

⬆️

27

SIEM

SIEM Tactics, Techiques, and Procedures

⬆️

28

Invoke-ADEnum

Automate Active Directory Enumeration

⬆️

29

winfetch

🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.

⬆️

30

Windows-Optimize-Harden-Debloat

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.

⬆️

31

PowerShell

500+ PowerShell scripts (.ps1) for every system!

⬆️

32

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

⬆️

33

K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

⬆️

34

usbrubberducky-payloads

The Official USB Rubber Ducky Payload Repository

⬆️

35

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

⬆️

36

NetNTLMtoSilverTicket

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

⬆️

37

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

⬆️

38

Ladon

Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 11.0内置234个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

⬆️

39

sunshine-virtual-monitor

Scripts and instruction for automatically setting up a lone virtual monitor to stream from sunshine.

⬆️

40

ARI

Azure Resource Inventory - It's a Powerful tool to create EXCEL inventory from Azure Resources with low effort

⬆️

41

PowerZure

PowerShell framework to assess Azure security

⬆️

42

svg-explorer-extension

Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG files

⬆️

43

MonitorSwapAutomation

Automates swapping to a dummy plug when streaming, then automates swapping back to primary monitor once finished.

⬆️

44

GPOZaurr

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them.

⬆️

45

Microsoft-Analyzer-Suite

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

⬆️

46

pm2-installer

Install PM2 offline as a service on Windows or Linux. Mostly designed for Windows.

⬆️

47

sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

⬆️

48

Windows10Debloater

Script to remove Windows 10 bloatware.

⬆️

49

PSFzf

A PowerShell wrapper around the fuzzy finder fzf

⬆️

50

PrivescCheck

Privilege Escalation Enumeration Script for Windows

⬆️

51

PS2EXE

Module to compile powershell scripts to executables

⬆️

52

PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

⬆️

53

Office365itpros

Office 365 for IT Pros PowerShell examples

⬆️

54

monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

⬆️

55

Azure-MG-Sub-Governance-Reporting

Azure Governance Visualizer aka AzGovViz is a PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.

⬆️

56

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

⬆️

57

Azure-Red-Team

Azure Security Resources and Notes

⬆️

58

Terminal-Icons

A PowerShell module to show file and folder icons in the terminal

⬆️

59

PowerRunAsSystem

Run application as system with interactive system process support (active Windows session)

⬆️

60

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

⬆️

61

Automated-MUlti-UAC-Bypass

Automated Multi UAC BYPASS for win10|win11|win12-pre-release|ws2019|ws2022

⬆️

62

MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

⬆️

63

MSSprinkler

MSSprinkler is a password spraying utility for organizations to test their M365 accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, and provides verbose information related to accounts and tenant information.

⬆️

64

dorado

🐟 Yet Another bucket for lovely Scoop

⬆️

65

ScriptSentry

ScriptSentry finds misconfigured and dangerous logon scripts.

⬆️

66

ShellGen

PowerShell script to generate ShellCode in various formats

⬆️

67

tinytex-releases

Windows/macOS/Linux binaries and installation methods of TinyTeX

⬆️

68

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

⬆️

69

ios-safari-remote-debug-kit

Remotely debugging iOS Safari on Windows and Linux

⬆️

70

SessionGopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

⬆️

71

TokenTacticsV2

A fork of the great TokenTactics with support for CAE and token endpoint v2

⬆️

72

commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

⬆️

73

WiFi-password-stealer

Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).

⬆️

74

PowerShell

PowerShell for Active Directory, Defender XDR, Entra ID, Exchange Server, Microsoft 365, Windows, and more! ✌️

⬆️

75

EntraOps

Community project to classify, identify and protect your privileges based on Enterprise Access Model (EAM)

⬆️

76

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

⬆️

77

Extras

📦 The Extras bucket for Scoop.

⬆️

78

ludus_sccm

An Ansible collection that installs an SCCM deployment with optional configurations.

⬆️

79

cpp-docs

C++ Documentation

⬆️

80

JAWS

JAWS - Just Another Windows (Enum) Script

⬆️

81

MicroBurst

A collection of scripts for assessing Microsoft Azure security

⬆️

82

PowerHub

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

⬆️

83

ModulePath

PowerShell Module to get and set the primary PSModulePath config

⬆️

84

Windows-Containers

This repository is offered for tracking features and issues with Windows Containers. The Windows Containers product team will monitor this repo in order to engage with our community and discuss questions, customer scenarios, or feature requests.

⬆️

85

PowerHuntShares

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.

⬆️

86

psgetsystem

getsystem via parent process using ps1 & embeded c#

⬆️

87

WHD

WHDownloader backup repo

⬆️

88

AMSI-BYPASS

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

⬆️

89

VMwareCloak

A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.

⬆️

90

Active_Directory_Advanced_Threat_Hunting

This repo is about Active Directory Advanced Threat Hunting

⬆️

91

CMPackager

Creates ConfigMgr Applications using XML Recipe Files

⬆️

92

resharper-rider-plugin

https://www.jetbrains.com/help/resharper/sdk/

⬆️

93

Powermad

PowerShell MachineAccountQuota and DNS exploit tools

⬆️

94

Invoke-EDRChecker

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools.

⬆️

95

php-windows-builder

Tooling to build PHP and extensions on Windows

⬆️

96

Invoke-Everything

⬆️

97

pbimonitor

⬆️

98

posh-git

A PowerShell environment for Git

⬆️

99

PoshFunctions

A curated collection of PowerShell scripts packaged into a module.

⬆️

100

WELA

WELA (Windows Event Log Analyzer): The Swiss Army knife for Windows Event Logs! ゑ羅（ウェラ）

⬆️