应急相关内容积累
Support
Quality
Security
License
Reuse
Mega collection of 500+ useful cross-platform PowerShell scripts.
Support
Quality
Security
License
Reuse
Work with Windows containers and LCOW on Mac/Linux/Windows
Support
Quality
Security
License
Reuse
🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.
Support
Quality
Security
License
Reuse
A PowerShell script anti-virus evasion tool
Support
Quality
Security
License
Reuse
Guide by Example
Support
Quality
Security
License
Reuse
Deno Binary Installer
Support
Quality
Security
License
Reuse
PowerShell ReverseTCP Shell - Framework
Support
Quality
Security
License
Reuse
A tool for checking if MFA is enabled on multiple Microsoft Services
Support
Quality
Security
License
Reuse
PowerShell MachineAccountQuota and DNS exploit tools
Support
Quality
Security
License
Reuse
Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
Support
Quality
Security
License
Reuse
Various PowerShell functions and scripts
Support
Quality
Security
License
Reuse
Repo for the Azure Master Class
Support
Quality
Security
License
Reuse
Some usefull Scripts and Executables for Pentest & Forensics
Support
Quality
Security
License
Reuse
🐟 Yet Another bucket for lovely Scoop
Support
Quality
Security
License
Reuse
B
Beginners-Guide-to-Obfuscationby BC-SECURITY
PowerShell 
866 Version:Current License: Permissive (MIT)
Support
Quality
Security
License
Reuse
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
Support
Quality
Security
License
Reuse
LSTAR - CobaltStrike 综合后渗透插件
Support
Quality
Security
License
Reuse
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
Support
Quality
Security
License
Reuse
Windows Event Log Killer
Support
Quality
Security
License
Reuse
R
RedTeamPowershellScriptsby Mr-Un1k0d3r
PowerShell 829 Version:Current License: Proprietary (Proprietary)
Various PowerShell scripts that may be useful during red team exercise
Support
Quality
Security
License
Reuse
P
Parsec-Cloud-Preparation-Toolby parsec-cloud
PowerShell 826 Version:Current
License: No License (No License)
License: No License (No License)Launch Parsec enabled cloud computers via your own cloud provider account.
Support
Quality
Security
License
Reuse
Office 365 for IT Pros PowerShell examples
Support
Quality
Security
License
Reuse
Public mirror for win32-pr
Support
Quality
Security
License
Reuse
HardeningKitty - Checks and hardens your Windows configuration
Support
Quality
Security
License
Reuse
AADInternals PowerShell module for administering Azure AD and Office 365
Support
Quality
Security
License
Reuse
Import / export Windows console settings
Support
Quality
Security
License
Reuse
|| Activate Burp Suite Pro with Key-Generator and Key-Loader ||
Support
Quality
Security
License
Reuse
Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources.
Support
Quality
Security
License
Reuse
E
Event-Forwarding-Guidanceby nsacyber
PowerShell 785 Version:Current License: Proprietary (Proprietary)
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
Support
Quality
Security
License
Reuse
ConPtyShell - Fully Interactive Reverse Shell for Windows
Support
Quality
Security
License
Reuse
The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
Support
Quality
Security
License
Reuse
An open repo for Azure Monitor queries, workbooks, alerts and more
Support
Quality
Security
License
Reuse
This repo includes plenty of references for Azure learning, especially for the Azure certs and Azure architecture, and any other learning materials e.g. security and automation topics.
Support
Quality
Security
License
Reuse
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
Support
Quality
Security
License
Reuse
Manually ported color themes for ConEmu
Support
Quality
Security
License
Reuse
Exploit the credentials present in files and memory
Support
Quality
Security
License
Reuse
Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.
Support
Quality
Security
License
Reuse
This repo is used to host the source for the Microsoft 365 documentation on https://docs.microsoft.com.
Support
Quality
Security
License
Reuse
Code samples and extended documentation to support the guidance provided in the Microsoft Cloud Adoption Framework
Support
Quality
Security
License
Reuse
Random Tools
Support
Quality
Security
License
Reuse
A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
Support
Quality
Security
License
Reuse
F
Flipper_Zero_Badusb_hack5_payloadsby nocomp
PowerShell 735 Version:Current License: No License (No License)
License: No License (No License)hack5 badusb payloads moded for be played with flipper zero
Support
Quality
Security
License
Reuse
This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
Support
Quality
Security
License
Reuse
A PowerShell Module Dedicated to Reverse Engineering
Support
Quality
Security
License
Reuse
:wrench: :hammer: A set of PowerShell functions you might use to enhance your own functions and scripts or to facilitate working in the console. Most should work in both Windows PowerShell and PowerShell 7, even cross-platform. Any operating system limitations should be handled on a per command basis. The Samples folder contains demonstration script files
Support
Quality
Security
License
Reuse
I
Invoke-DOSfuscationby danielbohannon
PowerShell 726 Version:Current License: Permissive (Apache-2.0)
Cmd.exe Command Obfuscation Generator & Detection Test Harness
Support
Quality
Security
License
Reuse
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
Support
Quality
Security
License
Reuse
Socks proxy, and reverse socks server using powershell.
Support
Quality
Security
License
Reuse
Install Linux from a running Windows system, without need for a live USB.
Support
Quality
Security
License
Reuse
y
Support
Quality
Security
License
Reuse
P
PowerShellby fleschutz
Mega collection of 500+ useful cross-platform PowerShell scripts.
PowerShell 944Updated: 2 y ago License: Permissive (CC0-1.0)
944Updated: 2 y ago License: Permissive (CC0-1.0)Support
Quality
Security
License
Reuse
w
windows-docker-machineby StefanScherer
Work with Windows containers and LCOW on Mac/Linux/Windows
PowerShell 938Updated: 2 y ago License: Permissive (MIT)
938Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
w
winfetchby lptstr
🛠 A command-line system information utility written in PowerShell. Like Neofetch, but for Windows.
PowerShell 934Updated: 2 y ago License: Permissive (MIT)
934Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
x
xencryptby the-xentropy
A PowerShell script anti-virus evasion tool
PowerShell 934Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
934Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
s
selfhosted-apps-dockerby DoTheEvo
Guide by Example
PowerShell 933Updated: 2 y ago License: No License (No License)
933Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
d
deno_installby denoland
Deno Binary Installer
PowerShell 918Updated: 2 y ago License: No License (No License)
918Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
R
ReverseTCPShellby ZHacker13
PowerShell ReverseTCP Shell - Framework
PowerShell 914Updated: 4 y ago License: No License (No License)
914Updated: 4 y ago License: No License (No License)Support
Quality
Security
License
Reuse
M
MFASweepby dafthack
A tool for checking if MFA is enabled on multiple Microsoft Services
PowerShell 904Updated: 2 y ago License: Permissive (MIT)
904Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
P
Powermadby Kevin-Robertson
PowerShell MachineAccountQuota and DNS exploit tools
PowerShell 903Updated: 2 y ago License: Permissive (BSD-3-Clause)
903Updated: 2 y ago License: Permissive (BSD-3-Clause)Support
Quality
Security
License
Reuse
C
CVE-2021-1675by calebstewart
Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
PowerShell 899Updated: 2 y ago License: No License (No License)
899Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
P
PowerShellby RamblingCookieMonster
Various PowerShell functions and scripts
PowerShell 897Updated: 2 y ago License: Permissive (MIT)
897Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
A
AzureMasterClassby johnthebrit
Repo for the Azure Master Class
PowerShell 886Updated: 2 y ago License: No License (No License)
886Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
C
Credsby S3cur3Th1sSh1t
Some usefull Scripts and Executables for Pentest & Forensics
PowerShell 877Updated: 2 y ago License: No License (No License)
877Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
d
doradoby chawyehsu
🐟 Yet Another bucket for lovely Scoop
PowerShell 870Updated: 2 y ago License: Permissive (Unlicense)
870Updated: 2 y ago License: Permissive (Unlicense)Support
Quality
Security
License
Reuse
B
Beginners-Guide-to-Obfuscationby BC-SECURITY
PowerShell 866Updated: 2 y ago License: Permissive (MIT)
866Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
T
ThreatPursuit-VMby fireeye
Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as well as threat hunters to get up and running quickly.
PowerShell 855Updated: 4 y ago License: Proprietary (Proprietary)
855Updated: 4 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
L
LSTARby lintstar
LSTAR - CobaltStrike 综合后渗透插件
PowerShell 846Updated: 2 y ago License: No License (No License)
846Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
c
cobalt-arsenalby mgeeky
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
PowerShell 845Updated: 2 y ago License: Permissive (MIT)
845Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
I
Invoke-Phant0mby hlldz
Windows Event Log Killer
PowerShell 834Updated: 4 y ago License: Strong Copyleft (GPL-3.0)
834Updated: 4 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
R
RedTeamPowershellScriptsby Mr-Un1k0d3r
Various PowerShell scripts that may be useful during red team exercise
PowerShell 829Updated: 2 y ago License: Proprietary (Proprietary)
829Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
P
Parsec-Cloud-Preparation-Toolby parsec-cloud
Launch Parsec enabled cloud computers via your own cloud provider account.
PowerShell 826Updated: 2 y ago License: No License (No License)
826Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
O
Office365itprosby 12Knocksinna
Office 365 for IT Pros PowerShell examples
PowerShell 823Updated: 2 y ago License: Permissive (MIT)
823Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
w
win32by MicrosoftDocs
Public mirror for win32-pr
PowerShell 821Updated: 2 y ago License: Permissive (CC-BY-4.0)
821Updated: 2 y ago License: Permissive (CC-BY-4.0)Support
Quality
Security
License
Reuse
H
HardeningKittyby scipag
HardeningKitty - Checks and hardens your Windows configuration
PowerShell 811Updated: 2 y ago License: Permissive (MIT)
811Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
A
AADInternalsby Gerenios
AADInternals PowerShell module for administering Azure AD and Office 365
PowerShell 810Updated: 2 y ago License: Permissive (MIT)
810Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
c
concfgby lukesampson
Import / export Windows console settings
PowerShell 800Updated: 4 y ago License: Permissive (MIT)
800Updated: 4 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
B
Burp-Suiteby SNGWN
|| Activate Burp Suite Pro with Key-Generator and Key-Loader ||
PowerShell 796Updated: 2 y ago License: No License (No License)
796Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
W
Windows-11-Guideby mikeroyal
Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources.
PowerShell 789Updated: 2 y ago License: No License (No License)
789Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
E
Event-Forwarding-Guidanceby nsacyber
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
PowerShell 785Updated: 2 y ago License: Proprietary (Proprietary)
785Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
C
ConPtyShellby antonioCoco
ConPtyShell - Fully Interactive Reverse Shell for Windows
PowerShell 778Updated: 2 y ago License: Permissive (MIT)
778Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
E
ElevateKitby rsmudge
The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
PowerShell 776Updated: 2 y ago License: No License (No License)
776Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
A
AzureMonitorCommunityby microsoft
An open repo for Azure Monitor queries, workbooks, alerts and more
PowerShell 776Updated: 2 y ago License: Permissive (MIT)
776Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
a
awesome-azure-learningby ddneves
This repo includes plenty of references for Azure learning, especially for the Azure certs and Azure architecture, and any other learning materials e.g. security and automation topics.
PowerShell 774Updated: 2 y ago License: Permissive (CC0-1.0)
774Updated: 2 y ago License: Permissive (CC0-1.0)Support
Quality
Security
License
Reuse
S
SkyArkby cyberark
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
PowerShell 774Updated: 2 y ago License: Permissive (MIT)
774Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
C
ConEmu-Color-Themesby joonro
Manually ported color themes for ConEmu
PowerShell 773Updated: 2 y ago License: No License (No License)
773Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
P
PowerMemoryby giMini
Exploit the credentials present in files and memory
PowerShell 769Updated: 4 y ago License: Proprietary (Proprietary)
769Updated: 4 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
K
Kautilyaby samratashok
Kautilya - Tool for easy use of Human Interface Devices for offensive security and penetration testing.
PowerShell 768Updated: 4 y ago License: Proprietary (Proprietary)
768Updated: 4 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
m
microsoft-365-docsby MicrosoftDocs
This repo is used to host the source for the Microsoft 365 documentation on https://docs.microsoft.com.
PowerShell 760Updated: 2 y ago License: Permissive (CC-BY-4.0)
760Updated: 2 y ago License: Permissive (CC-BY-4.0)Support
Quality
Security
License
Reuse
C
CloudAdoptionFrameworkby microsoft
Code samples and extended documentation to support the guidance provided in the Microsoft Cloud Adoption Framework
PowerShell 741Updated: 2 y ago License: Permissive (CC-BY-4.0)
741Updated: 2 y ago License: Permissive (CC-BY-4.0)Support
Quality
Security
License
Reuse
M
Misc-Powershell-Scriptsby rvrsh3ll
Random Tools
PowerShell 735Updated: 2 y ago License: Permissive (MIT)
735Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
G
Grouperby l0ss
A PowerShell script for helping to find vulnerable settings in AD Group Policy. (deprecated, use Grouper2 instead!)
PowerShell 735Updated: 2 y ago License: Permissive (MIT)
735Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
F
Flipper_Zero_Badusb_hack5_payloadsby nocomp
hack5 badusb payloads moded for be played with flipper zero
PowerShell 735Updated: 2 y ago License: No License (No License)
735Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
W
WMImplantby FortyNorthSecurity
This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
PowerShell 732Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
732Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
P
PowerShellArsenalby mattifestation
A PowerShell Module Dedicated to Reverse Engineering
PowerShell 730Updated: 4 y ago License: No License (No License)
730Updated: 4 y ago License: No License (No License)Support
Quality
Security
License
Reuse
P
PSScriptToolsby jdhitsolutions
:wrench: :hammer: A set of PowerShell functions you might use to enhance your own functions and scripts or to facilitate working in the console. Most should work in both Windows PowerShell and PowerShell 7, even cross-platform. Any operating system limitations should be handled on a per command basis. The Samples folder contains demonstration script files
PowerShell 726Updated: 2 y ago License: Permissive (MIT)
726Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
I
Invoke-DOSfuscationby danielbohannon
Cmd.exe Command Obfuscation Generator & Detection Test Harness
PowerShell 726Updated: 2 y ago License: Permissive (Apache-2.0)
726Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
A
ADACLScannerby canix1
Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory
PowerShell 725Updated: 2 y ago License: Weak Copyleft (MS-PL)
725Updated: 2 y ago License: Weak Copyleft (MS-PL)Support
Quality
Security
License
Reuse
I
Invoke-SocksProxyby p3nt4
Socks proxy, and reverse socks server using powershell.
PowerShell 725Updated: 2 y ago License: Permissive (MIT)
725Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
t
tunicby mikeslattery
Install Linux from a running Windows system, without need for a live USB.
PowerShell 719Updated: 4 y ago License: Strong Copyleft (GPL-3.0)
719Updated: 4 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse