Script to remove Windows 10 bloatware.

PowerSploit - A PowerShell Post-Exploitation Framework

Six Degrees of Domain Admin

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Empire is a PowerShell and Python post-exploitation agent.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Red Teaming Tactics and Techniques

Automation for internal Windows Penetrationtest / AD-Security

Privilege Escalation Enumeration Script for Windows

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to…

PowerShell Pass The Hash Utils

A tool for checking if MFA is enabled on multiple Microsoft Services

NetRipper - Smart traffic sniffing for penetration testers

A PowerShell based utility for the creation of malicious Office macro documents.

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting

This Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method.

Ready to make the step to Markdown and saying farewell to your OneNote, EverNote or whatever proprietary note taking tool you are using? Nothing beats clear text, right? Read on!

MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.

🚀 PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted data, hashes PowerShell and various system properties, and se…

Collection of PowerShell scripts

cobaltstrike ms17-010 module and some other

Tools for discovery and abuse of COM hijacks