Run0nceEx

Run0nceEx

44 followers · 969 following

Starred repositories

21 stars written in PowerShell

Clear filter

S3cur3Th1sSh1t / WinPwn

Automation for internal Windows Penetrationtest / AD-Security

PowerShell 3,428 533 Updated Nov 26, 2024

dafthack / MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

PowerShell 3,016 579 Updated Aug 7, 2024

olafhartong / sysmon-modular

A repository of sysmon configuration modules

PowerShell 2,733 606 Updated Aug 21, 2024

last-byte / PersistenceSniper

Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made w…

PowerShell 1,968 195 Updated Dec 11, 2024

OTRF / Security-Datasets

Re-play Security Events

PowerShell 1,625 238 Updated Mar 20, 2024

tihanyin / PSSW100AVB

A list of useful Powershell scripts with 100% AV bypass (At the time of publication).

PowerShell 1,075 172 Updated Jan 28, 2025

mgeeky / cobalt-arsenal

My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+

PowerShell 1,065 154 Updated Apr 19, 2023

redcanaryco / invoke-atomicredteam

Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red-team/tree/master/atomics) of Red Canary's Atomic Red Team p…

PowerShell 884 205 Updated Feb 28, 2025

ion-storm / sysmon-config

Forked from SwiftOnSecurity/sysmon-config

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events…

PowerShell 794 143 Updated Nov 5, 2023

bluecapesecurity / PWF

Practical Windows Forensics Training

PowerShell 647 117 Updated Feb 29, 2024

R3MRUM / PSDecode

PowerShell script for deobfuscating encoded PowerShell scripts

PowerShell 424 78 Updated Feb 4, 2021

mikemaccana / powershell-profile

Mike's Powershell Profile (and how to set up Windows console if you've been using *nix for 20 years)

PowerShell 395 39 Updated Jan 11, 2020

Whitecat18 / Powershell-Scripts-for-Hackers-and-Pentesters

An List of my own Powershell scripts, commands and Blogs for windows Red Teaming.

PowerShell 393 44 Updated Feb 23, 2025

d4rksystem / VMwareCloak

A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.

PowerShell 337 61 Updated Jan 25, 2025

nccgroup / acCOMplice

Tools for discovery and abuse of COM hijacks

PowerShell 300 47 Updated Oct 15, 2019

Arno0x / DBC2

DBC2 (DropboxC2) is a modular post-exploitation tool, composed of an agent running on the victim's machine, a controler, running on any machine, powershell modules, and Dropbox servers as a means o…

PowerShell 294 84 Updated Oct 27, 2017

PwnDexter / Invoke-EDRChecker

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for th…

PowerShell 257 50 Updated Oct 9, 2023

airbus-cert / Invoke-Bof

Load any Beacon Object File using Powershell!

PowerShell 246 35 Updated Dec 9, 2021

kacos2000 / WindowsTimeline

Windows 10 (v1803+) ActivitiesCache.db parsers (SQLite, PowerShell, .EXE)

PowerShell 181 22 Updated Feb 16, 2023

microsoft / MSTIC-Sysmon

Anything Sysmon related from the MSTIC R&D team

PowerShell 149 29 Updated Jun 8, 2024

davidhowell-tx / PS-DigitalForensics

PowerShell scripts for Hard Drive forensics and parsing Windows Artifacts

PowerShell 56 12 Updated Oct 15, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly