IR-Tools - PowerShell tools for IR
☆130Jul 10, 2017Updated 8 years ago
Alternatives and similar repositories for IR-Tools
Users that are interested in IR-Tools are comparing it to the libraries listed below
Sorting:
- Offensive Data Storage☆61Sep 1, 2016Updated 9 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilities☆319Dec 29, 2017Updated 8 years ago
- Custom scripts released for BSidesDC 2016☆14Oct 19, 2016Updated 9 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's s…☆105Jul 2, 2017Updated 8 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆163Apr 11, 2017Updated 8 years ago
- Collection of PowerShell scripts☆450Dec 18, 2017Updated 8 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Execution☆35Mar 6, 2017Updated 8 years ago
- Crack your macros like the math pros.☆33Feb 14, 2017Updated 9 years ago
- GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application.☆633Jun 20, 2017Updated 8 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.☆388Jun 25, 2024Updated last year
- ObfuscatedEmpire is a fork of Empire with Invoke-Obfuscation integrated directly into it's functionality.☆231Nov 17, 2017Updated 8 years ago
- Forward local or remote tcp ports through SMB pipes.☆296Mar 7, 2021Updated 4 years ago
- This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported …☆842Jun 25, 2024Updated last year
- Exploit the credentials present in files and memory☆842May 25, 2023Updated 2 years ago
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- Environmental (and http) keying for scripting languages☆39Oct 5, 2018Updated 7 years ago
- InfoPath Phishing Repo Resource☆68Oct 26, 2017Updated 8 years ago
- The PowerThIEf, an Internet Explorer Post Exploitation library☆130Feb 27, 2025Updated last year
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- Powershell Empire Persistence finder☆119Jan 30, 2017Updated 9 years ago
- Open source offensive security platform for red team, by red team.☆384Oct 23, 2017Updated 8 years ago
- A repo to hold some scripts pertaining WMI (Windows implementation of WBEM) forensics☆88Oct 6, 2017Updated 8 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.☆103Nov 17, 2020Updated 5 years ago
- Empire HTTP(S) C2 redirector setup script☆48Jul 10, 2018Updated 7 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- Powershell VNC injector☆341Jun 29, 2020Updated 5 years ago
- ☆52Sep 17, 2018Updated 7 years ago
- PowerForensics provides an all in one platform for live disk forensic analysis☆1,428Nov 16, 2023Updated 2 years ago
- A library for integrating communication channels with the Cobalt Strike External C2 server☆290Nov 23, 2017Updated 8 years ago
- Powershell-based Windows Security Auditing Toolbox☆573Jan 9, 2019Updated 7 years ago
- Rogue Synergy server☆18Mar 8, 2017Updated 8 years ago
- Powershell Persistence Locator☆66Sep 11, 2016Updated 9 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- PowerShell Remote Download Cradle Generator & Obfuscator☆854Mar 23, 2018Updated 7 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across al…☆658Aug 19, 2019Updated 6 years ago
- WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application cont…☆351Aug 27, 2018Updated 7 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- DNSDelivery provides delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.☆145Oct 6, 2019Updated 6 years ago