PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection at scale.
☆71 · Dec 12, 2024 · Updated last year
Alternatives and similar repositories for PowerHunt
Users that are interested in PowerHunt are comparing it to the libraries listed below.
- PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains… ☆995 · Oct 15, 2025 · Updated 5 months ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell) ☆30 · Feb 4, 2022 · Updated 4 years ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for… ☆18 · Aug 13, 2025 · Updated 7 months ago
- A framework for easy payloads development and deployment, collection of customizable XSS payloads ☆26 · Feb 20, 2022 · Updated 4 years ago
- C# project to Reflectively load .Net assemblies in memory ☆19 · Jun 19, 2024 · Updated last year
- Analyze ARP requests to identify hosts that are communicating with one another. ☆19 · Jun 21, 2019 · Updated 6 years ago
- A tool to create randomly insecure file shares that also contain unsecured credential files ☆49 · Feb 16, 2026 · Updated last month
- A curated list of tools for incident response ☆21 · Sep 24, 2019 · Updated 6 years ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP… ☆62 · Apr 1, 2026 · Updated last week
- ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of … ☆77 · Nov 19, 2024 · Updated last year
- Simulation of manufacturing systems ☆15 · Mar 15, 2022 · Updated 4 years ago
- Rust Weaponization for Red Team Engagements. ☆12 · Nov 14, 2022 · Updated 3 years ago
- Manage Engine Decrypter ☆24 · Oct 17, 2022 · Updated 3 years ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin ☆180 · Feb 14, 2023 · Updated 3 years ago
- Bloodhound Reporting for Blue and Purple Teams ☆1,282 · Nov 15, 2025 · Updated 4 months ago
- FindUncommonShares is a Python script allowing to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE acces… ☆431 · Nov 12, 2025 · Updated 4 months ago
- Dump NTDS with golden certificates and UnPAC the hash ☆646 · Mar 20, 2024 · Updated 2 years ago
- Digital Forensic Investigative Scripts ☆92 · Apr 2, 2026 · Updated last week
- C# port of LogServiceCrash ☆46 · Oct 7, 2020 · Updated 5 years ago
- NetSPI PowerShell Scripts ☆345 · Feb 10, 2026 · Updated 2 months ago
- POC for .NET mssql client for accessing database data through beacon ☆64 · Sep 12, 2023 · Updated 2 years ago
- ☆20 · Nov 23, 2022 · Updated 3 years ago
- Personal repository with handy cheatsheets. ☆16 · Oct 23, 2016 · Updated 9 years ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ☆13 · Dec 13, 2021 · Updated 4 years ago
- string encryption in Nim ☆19 · Jun 15, 2024 · Updated last year
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc. ☆501 · Jan 23, 2023 · Updated 3 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The… ☆176 · Jun 10, 2021 · Updated 4 years ago
- bowing to the AI Overlords. ☆31 · Dec 18, 2024 · Updated last year
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types ☆416 · Mar 21, 2025 · Updated last year
- Basic guide for performing a Physical PenTest - NIST 800-12, 800-53, 800-115, 800-152 ☆23 · Jan 1, 2023 · Updated 3 years ago
- Azure Deployment Templates for Mandiant Managed Hunting ☆12 · Jun 1, 2023 · Updated 2 years ago
- Make everyone in your VLAN ASRep roastable ☆250 · Oct 7, 2025 · Updated 6 months ago
- All about CVE-2022-30190, aka Follina, which is an RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps … ☆22 · Aug 6, 2022 · Updated 3 years ago
- ☆75 · Jun 17, 2025 · Updated 9 months ago
- ☆38 · Aug 23, 2022 · Updated 3 years ago
- .NET wrapper around LogonUserA to test creds ☆12 · Jun 2, 2022 · Updated 3 years ago
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365 ☆789 · Oct 29, 2022 · Updated 3 years ago
- Threat Hunter's Knowledge Base ☆22 · Dec 27, 2021 · Updated 4 years ago
- Quick lookup files for SUNBURST Backdoor ☆12 · Dec 15, 2020 · Updated 5 years ago