PowerSploit - A PowerShell Post-Exploitation Framework

Six Degrees of Domain Admin

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Empire is a PowerShell and Python post-exploitation agent.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

game of active directory

Repository for my flipper zero badUSB payloads. Now almost entirely plug and play.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Red Teaming Tactics and Techniques

PowerShell Obfuscator

Automation for internal Windows Penetrationtest / AD-Security

Privilege Escalation Enumeration Script for Windows

Pester is the ubiquitous test and mock framework for PowerShell.

OSCP Cheat Sheet

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

A repository of sysmon configuration modules

My musings with PowerShell

500+ free PowerShell scripts (.ps1) for Linux, Mac OS, and Windows.

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

A collection of scripts for assessing Microsoft Azure security

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…

PowerTools is a collection of PowerShell projects with a focus on offensive operations.

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to…

The goal of this repository is to document the most common techniques to bypass AppLocker.

PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…