Discover PowerShell

1

Scoop

A command-line installer for Windows.

🔥🔥🔥

2

WSL

Issues found on WSL

🔥🔥🔥

3

core

.NET news, announcements, release notes, and more!

🔥🔥

4

runner-images

GitHub Actions runner images

🔥🔥

5

Windows10Debloater

Script to remove Windows 10 bloatware.

🔥

6

blazor

Blazor moved to https://github.com/dotnet/aspnetcore

🔥

7

PowerSploit

PowerSploit - A PowerShell Post-Exploitation Framework

🔥

8

BloodHound

Six Degrees of Domain Admin

📣

9

posh-git

A PowerShell environment for Git

📣

10

Empire

Empire is a PowerShell and Python post-exploitation agent.

📣

11

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

📣

12

winutil

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates

📣

13

oh-my-posh2

A prompt theming engine for Powershell

📣

14

Win11Debloat

A simple powershell script to remove bloatware apps from windows, disable telemetry, bing in windows search aswell as perform various other changes to declutter and improve your windows experience. This script works for both windows 10 and windows 11.

📣

15

commando-vm

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

📣

16

Debloat-Windows-10

A Collection of Scripts Which Disable / Remove Windows 10 Features and Apps

⬆️

17

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

⬆️

18

chocolatey

[DEPRECATED - https://github.com/chocolatey/choco] Chocolatey NuGet - Like apt-get, but for windows.

⬆️

19

K8tools

K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Exploit(Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)

⬆️

20

Win10-Initial-Setup-Script

PowerShell script for automation of routine tasks done after fresh installations of Windows 10 / Server 2016 / Server 2019

⬆️

21

Invoke-Obfuscation

PowerShell Obfuscator

⬆️

22

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

⬆️

23

Ladon

Ladon大型内网渗透工具，可PowerShell模块化、可CS插件化、可内存加载，无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。Ladon 11.0内置234个功能,网络资产探测模块32个通过多种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)以及方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等信息，高危漏洞检测16个含MS17010、Zimbra、Exchange

⬆️

24

Sophia-Script-for-Windows

⚡ The most powerful PowerShell module on GitHub for fine-tuning Windows 10 & Windows 11

⬆️

25

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

⬆️

26

k8s-for-docker-desktop

为Docker Desktop for Mac/Windows开启Kubernetes和Istio。

⬆️

27

PowerShell-Suite

My musings with PowerShell

⬆️

28

sRDI

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

⬆️

29

MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

⬆️

30

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

⬆️

31

machinelearning-samples

Samples for ML.NET, an open source and cross-platform machine learning framework for .NET.

⬆️

32

PrivescCheck

Privilege Escalation Enumeration Script for Windows

⬆️

33

Pester

Pester is the ubiquitous test and mock framework for PowerShell.

⬆️

34

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

⬆️

35

GOAD

game of active directory

⬆️

36

mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory.

⬆️

37

awesome-powershell

A curated list of delightful PowerShell modules and resources

⬆️

38

SpotX

Modified Spotify client. Blocks ads and updates, and more.

⬆️

39

Invoke-PSImage

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

⬆️

40

Thanos.sh

if you are Thanos(root), this command could delete half your files randomly

⬆️

41

svg-explorer-extension

Extension module for Windows Explorer to render SVG thumbnails, so that you can have an overview of your SVG files

⬆️

42

Easy-GPU-PV

A Project dedicated to making GPU Partitioning on Windows easier!

⬆️

43

WSL

Source code behind the Windows Subsystem for Linux documentation.

⬆️

44

packer-windows

Windows Packer Templates

⬆️

45

UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

⬆️

46

Sherlock

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

⬆️

47

powercat

netshell features all in version 2 powershell

⬆️

48

PowerTools

PowerTools is a collection of PowerShell projects with a focus on offensive operations.

⬆️

49

Penetration-Testing-Tools

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

⬆️

50

Win-Debloat-Tools

These scripts will Customize, Debloat and Improve Privacy/Performance and System Responsiveness on Windows 10+.

⬆️

51

Invoke-TheHash

PowerShell Pass The Hash Utils

⬆️

52

deno_install

Deno Binary Installer

⬆️

53

windows-development-environment

🔭 Turning Windows into an environment ready for modern development

⬆️

54

PowerRemoteDesktop

Remote Desktop entirely coded in PowerShell.

⬆️

55

Extras

📦 The Extras bucket for Scoop.

⬆️

56

Active-Directory-Exploitation-Cheat-Sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

⬆️

57

BadBlood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

⬆️

58

sysmon-modular

A repository of sysmon configuration modules

⬆️

59

Erebus

CobaltStrike后渗透测试插件

⬆️

60

PoshC2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

⬆️

61

GDK

Microsoft Public GDK

⬆️

62

MicroBurst

A collection of scripts for assessing Microsoft Azure security

⬆️

63

NetRipper

NetRipper - Smart traffic sniffing for penetration testers

⬆️

64

icebreaker

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment

⬆️

65

Virtualization-Documentation

Place to store our documentation, code samples, etc for public consumption.

⬆️

66

Main

📦 The default bucket for Scoop.

⬆️

67

vulnerable-AD

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

⬆️

68

windows-dev-box-setup-scripts

Scripts to simplify setting up a Windows developer box

⬆️

69

Red_Team

Some scripts useful for red team activities

⬆️

70

DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

⬆️

71

win10script

This is the Ultimate Windows 10 Script from a creation from multiple debloat scripts and gists from github.

⬆️

72

redsnarf

RedSnarf is a pen-testing / red-teaming tool for Windows environments

⬆️

73

psake

A build automation tool written in PowerShell

⬆️

74

boxstarter

Repeatable, reboot resilient windows environment installations made easy using Chocolatey packages

⬆️

75

SessionGopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

⬆️

76

Powermad

PowerShell MachineAccountQuota and DNS exploit tools

⬆️

77

PowerSharpPack

⬆️

78

luckystrike

A PowerShell based utility for the creation of malicious Office macro documents.

⬆️

79

bashbunny-payloads

The Official Bash Bunny Payload Repository

⬆️

80

windowsterminal-shell

Install/uninstall scripts for Windows Terminal context menu items

⬆️

81

AutomatedLab

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

⬆️

82

Exploits

Windows Exploits

⬆️

83

Security-Datasets

Re-play Security Events

⬆️

84

at-ps

Adversary Tactics - PowerShell Training

⬆️

85

architecture-center

Open Source documentation for the Azure Architecture Center on Microsoft Docs

⬆️

86

JAWS

JAWS - Just Another Windows (Enum) Script

⬆️

87

Fido

A PowerShell script to download Windows or UEFI Shell ISOs

⬆️

88

Azure-Red-Team

Azure Security Resources and Notes

⬆️

89

ReverseTCPShell

PowerShell ReverseTCP Shell - Framework

⬆️

90

DeepBlueCLI

⬆️

91

windows_hardening

HardeningKitty and Windows Hardening Settings

⬆️

92

cpp-docs

C++ Documentation

⬆️

93

Terminal-Icons

A PowerShell module to show file and folder icons in the terminal

⬆️

94

cmd-colors-solarized

Solarized color settings for Windows command prompt

⬆️

95

NetNTLMtoSilverTicket

SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket

⬆️

96

ADAPE-Script

Active Directory Assessment and Privilege Escalation Script

⬆️

97

cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

⬆️

98

windows-docker-machine

Work with Windows containers and LCOW on Mac/Linux/Windows

⬆️

99

red-team-scripts

A collection of Red Team focused tools, scripts, and notes

⬆️

100

WMImplant

This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.

⬆️