Discover PowerShell Trending Repositories for the last 90 days

Win11Debloat

A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.

🔥🔥🔥

winutil

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates

🔥🔥

runner-images

GitHub Actions runner images

⬆️

Win-Debloat-Tools

These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.

⬆️

gcopy

A clipboard synchronization tool that based on Git.

⬆️

Scoop

A command-line installer for Windows.

⬆️

AMSI-BYPASS

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

⬆️

SpotX

Modified Spotify client. Blocks ads and updates, and more.

⬆️

WSL

Issues found on WSL

⬆️

core

.NET news, announcements, release notes, and more!

⬆️

ResolutionAutomation

Automates changing the host resolution to match the client resolution of Moonlight, with capabilities of supersampling if required

⬆️

PrivescCheck

Privilege Escalation Enumeration Script for Windows

⬆️

ScriptSentry

ScriptSentry finds misconfigured and dangerous logon scripts.

⬆️

selfhosted-apps-docker

Guide by Example

⬆️

GOAD

game of active directory

⬆️

Invoke-DumpMDEConfig

PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required )

⬆️

BloodHound

Six Degrees of Domain Admin

⬆️

Invoke-ADEnum

Automate Active Directory Enumeration using PowerView

⬆️

Easy-GPU-PV

A Project dedicated to making GPU Partitioning on Windows easier!

⬆️

ADeleginator

A companion tool that uses ADeleg to find insecure trustee and resource delegations in Active Directory

⬆️

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

⬆️

Windows-Local-Privilege-Escalation-Cookbook

Windows Local Privilege Escalation Cookbook

⬆️

windows_hardening

HardeningKitty and Windows Hardening settings and configurations

⬆️

Misconfiguration-Manager

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

⬆️

psgetsystem

getsystem via parent process using ps1 & embeded c#

⬆️

Microsoft-Analyzer-Suite

A collection of PowerShell scripts for analyzing data from Microsoft 365 and Microsoft Entra ID

⬆️

sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

⬆️

win32

Public mirror for win32-pr

⬆️

Sophia-Script-for-Windows

⚡ The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11

⬆️

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

⬆️

VirtualGHOST

VirtualGHOST Detection Tool

⬆️

PowerShell

500+ PowerShell scripts (.ps1) for every system!

⬆️

Amnesiac

Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environments

⬆️

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

⬆️

PingCastle-Notify

Monitor your PingCastle scans to highlight the rule diff between two scans

⬆️

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

⬆️

JAWS

JAWS - Just Another Windows (Enum) Script

⬆️

ADFSDump-PS

PowerShell Implementation of ADFSDump to assist with GoldenSAML

⬆️

Azure-Red-Team

Azure Security Resources and Notes

⬆️

MonitorSwapAutomation

Automates swapping to a dummy plug when streaming, then automates swapping back to primary monitor once finished.

⬆️

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

⬆️

wireshark-rdp

Wireshark RDP resources

⬆️

posh-git

A PowerShell environment for Git

⬆️

MSOLSpray

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

⬆️

muOS-Artwork

⬆️

MicroBurst

A collection of scripts for assessing Microsoft Azure security

⬆️

AzureAD-Attack-Defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

⬆️

AzureADAssessment

Tooling for assessing an Azure AD tenant state and configuration

⬆️

ludus_sccm

An Ansible collection that installs an SCCM deployment with optional configurations.

⬆️

vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

⬆️

fuegoshell

Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445

⬆️

red_team_attack_lab

Red Team Attack Lab for TTP testing & research

⬆️

pm2-installer

Install PM2 offline as a service on Windows or Linux. Mostly designed for Windows.

⬆️

winfetch

🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.

⬆️

Chimera

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

⬆️

yingji

应急相关内容积累

⬆️

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

⬆️

move-wsl

Easily move your WSL distros VHDX file to a new location.

⬆️

Terminal-Icons

A PowerShell module to show file and folder icons in the terminal

⬆️

corecycler

Stability test script for PBO & Curve Optimizer stability testing on AMD Ryzen processors

⬆️

OffensiveReverseShellCheatSheet

Collection of reverse shells for red team operations.

⬆️

Copilot-For-Security

Microsoft Copilot for Security is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while remaining compliant to responsible AI principles

⬆️

usbrubberducky-payloads

The Official USB Rubber Ducky Payload Repository

⬆️

MemProcFS-Analyzer

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

⬆️

kit-app-template

Omniverse Kit App Template

⬆️

psDrugWars

psDrugWars: A ridiculous PowerShell-based game inspired by 'Drug Wars'. 💉💰👮

⬆️

Run-in-Sandbox

Run PS1, VBS, CMD, EXE, MSI, Intunewin, MSIX, or extract ISO, ZIP in Windows Sandbox very quickly just from a right-click

⬆️

Office365itpros

Office 365 for IT Pros PowerShell examples

⬆️

finops-toolkit

Open, extensible, and scalable platform for cost analytics, insights, and optimization.

⬆️

PS-SFTA

PowerShell Set File Type Association

⬆️

ConPtyShell

ConPtyShell - Fully Interactive Reverse Shell for Windows

⬆️

AADInternals

AADInternals PowerShell module for administering Azure AD and Office 365

⬆️

PowerSharpPack

⬆️

PSDuckDB

PSDuckDB is a PowerShell module that provides seamless integration with DuckDB, enabling efficient execution of analytical SQL queries directly from the PowerShell environment.

⬆️

PowerShell-Yayaml

A YAML parser and writer that uses an Assembly Load Context on PowerShell 7+

⬆️

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

⬆️

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

⬆️

windowsterminal-shell

Install/uninstall scripts for Windows Terminal context menu items

⬆️

svg-explorer-extension

Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG files

⬆️

NVIDIA-patcher

Adds 3D acceleration support for mining cards

⬆️

Invoke-SessionHunter

Retrieve and display information about active user sessions on remote computers. No admin privileges required.

⬆️

TokenTactics

Azure JWT Token Manipulation Toolset

⬆️

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

⬆️

winget-command-not-found

WinGet Command Not Found is a PowerShell 7 module to help you install missing packages. With this module, you will be recommended relevant WinGet packages whenever an unrecognized command is entered.

⬆️

AutoHDRSwitch

Automates turning off HDR on host if the Moonlight client is asking for an SDR stream.

⬆️

monkey365

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

⬆️

Versions

📦 A Scoop bucket for alternative versions of apps.

⬆️

dataverse-http-file-samples

⬆️

Creds

Some usefull Scripts and Executables for Pentest & Forensics

⬆️

BurntToast

Module for creating and displaying Toast Notifications on Microsoft Windows 10.

⬆️

powershell-scripts

Office 365 Reporting PowerShell Scripts

⬆️

AZ-104-MicrosoftAzureAdministrator

AZ-104 Microsoft Azure Administrator

⬆️

PSVirtualDesktop

VirtualDesktop is a Powershell module that provides commandlets to manage virtual desktops of Windows 10.

⬆️

Invoke-Stealth

Simple & Powerful PowerShell Script Obfuscator

⬆️

MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

⬆️

NetNTLMtoSilverTicket

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

⬆️

ProtectMyTooling

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.

⬆️

BadZure

BadZure orchestrates the setup of Azure AD tenants, populating them with diverse entities while also introducing common security misconfigurations to create vulnerable tenants with multiple attack paths.

⬆️

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

⬆️

100

powerBTremover

Simple powershell script to remove stubborn Bluetooth devices

⬆️

microsoft

C#, Python, TypeScript

41,849

dotnet

C#, PowerShell, TypeScript

MicrosoftDocs

ScoopInstaller

ChrisTitusTech

Shell, PowerShell, Lua

Sycnex

mandiant

Azure

C#, Python, TypeScript

PowerShellMafia

samratashok

BloodHoundAD

k8gege

Python, PowerShell, Ruby

9,493

actions

TypeScript, JavaScript, PowerShell

9,453

dafthack

PowerShell, Python, C#

8,655

farag2

PowerShell, VBScript, JavaScript

8,219

amd64fox

PowerShell, HTML, Batchfile

7,939

dahlbyk

C#, PowerShell, JavaScript

7,688

EmpireProject

PowerShell, JavaScript, Python

EvotecIT

S3cur3Th1sSh1t

MicrosoftLearning

C#, PowerShell, Jupyter Notebook

6,147

NetSPI

Java, PowerShell, Python

danielbohannon

W4RH4WK

hak5

Discover PowerShell

Trending Repositories

Top 25 Open Source PowerShell Heroes