IR-Tools - PowerShell tools for IR
☆130Jul 10, 2017Updated 8 years ago
Alternatives and similar repositories for IR-Tools
Users that are interested in IR-Tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Offensive Data Storage☆61Sep 1, 2016Updated 9 years ago
- Custom scripts released for BSidesDC 2016☆14Oct 19, 2016Updated 9 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆105Jul 2, 2017Updated 8 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilities☆319Dec 29, 2017Updated 8 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆35Mar 6, 2017Updated 9 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆163Apr 11, 2017Updated 8 years ago
- Collection of PowerShell scripts☆450Dec 18, 2017Updated 8 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆635Jun 20, 2017Updated 8 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆231Nov 17, 2017Updated 8 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Feb 27, 2025Updated last year
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆88Oct 6, 2017Updated 8 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- Forward local or remote tcp ports through SMB pipes.☆297Mar 7, 2021Updated 5 years ago
- Crack your macros like the math pros.☆33Feb 14, 2017Updated 9 years ago
- Powershell VNC injector☆341Jun 29, 2020Updated 5 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆387Jun 25, 2024Updated last year
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- Powershell-based Windows Security Auditing Toolbox☆574Jan 9, 2019Updated 7 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆844Jun 25, 2024Updated last year
- Powershell C2 Server and Implants☆576Nov 11, 2019Updated 6 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Jun 8, 2017Updated 8 years ago
- Exploit the credentials present in files and memory☆844May 25, 2023Updated 2 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,427Nov 16, 2023Updated 2 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆657Aug 19, 2019Updated 6 years ago
- Powershell Empire Persistence finder☆119Jan 30, 2017Updated 9 years ago
- Environmental (and http) keying for scripting languages☆39Oct 5, 2018Updated 7 years ago
- InfoPath Phishing Repo Resource☆68Oct 26, 2017Updated 8 years ago
- Empire HTTP(S) C2 redirector setup script☆48Jul 10, 2018Updated 7 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- few months old but better than nothing☆58Feb 11, 2022Updated 4 years ago
- Rogue Synergy server☆18Mar 8, 2017Updated 9 years ago
- ☆19May 31, 2017Updated 8 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆854Mar 23, 2018Updated 8 years ago
- Remote Recon and Collection☆460Nov 23, 2017Updated 8 years ago
- Port of eternal blue exploits to powershell☆151Jun 3, 2017Updated 8 years ago
- Open source offensive security platform for red team, by red team.☆384Oct 23, 2017Updated 8 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,214Sep 14, 2020Updated 5 years ago
- Some IR notes☆73Jul 23, 2016Updated 9 years ago