PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection at scale.
☆71Dec 12, 2024Updated last year
Alternatives and similar repositories for PowerHunt
Users that are interested in PowerHunt are comparing it to the libraries listed below.
- PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains…☆1,009Oct 15, 2025Updated 6 months ago
- Reverse TCP Powershell has never been this paranoid. (basically an Opsec-safe reverse powershell)☆30Feb 4, 2022Updated 4 years ago
- Regex based secret scanner for sccm deployment points sccmcontentlib$ shares. Find secrets automatically and download entire packages for…☆18Aug 13, 2025Updated 8 months ago
- A framework for easy payloads development and deployment, collection of customizable XSS payloads☆26Feb 20, 2022Updated 4 years ago
- C# project to Reflectively load .Net assemblies in memory☆19Jun 19, 2024Updated last year
- Analyze ARP requests to identify hosts that are communicating with one another.☆19Jun 21, 2019Updated 6 years ago
- A tool to create randomly insecure file shares that also contain unsecured credential files☆49Feb 16, 2026Updated 2 months ago
- A curated list of tools for incident response☆21Sep 24, 2019Updated 6 years ago
- ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of …☆77Nov 19, 2024Updated last year
- Simulation of manufacturing systems☆15Mar 15, 2022Updated 4 years ago
- Rust Weaponization for Red Team Engagements.☆12Nov 14, 2022Updated 3 years ago
- Manage Engine Decrypter☆24Oct 17, 2022Updated 3 years ago
- Automated tool for dumping Azure configuration data☆21Nov 13, 2025Updated 5 months ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- Bloodhound Reporting for Blue and Purple Teams☆1,289Nov 15, 2025Updated 5 months ago
- FindUncommonShares is a Python script allowing you to quickly find uncommon shares in vast Windows Domains, and filter by READ or WRITE acces…☆431Nov 12, 2025Updated 5 months ago
- Dump NTDS with golden certificates and UnPAC the hash☆648Mar 20, 2024Updated 2 years ago
- Digital Forensic Investigative Scripts☆95Apr 10, 2026Updated 3 weeks ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- NetSPI PowerShell Scripts☆345Feb 10, 2026Updated 2 months ago
- POC for .NET mssql client for accessing database data through beacon☆64Sep 12, 2023Updated 2 years ago
- ☆20Nov 23, 2022Updated 3 years ago
- Personal repository with handy cheatsheets.☆16Oct 23, 2016Updated 9 years ago
- ☆764Feb 3, 2026Updated 2 months ago
- string encryption in Nim☆19Jun 15, 2024Updated last year
- Quietly enumerate an Active Directory Domain via LDAP parsing users, admins, groups, etc.☆501Jan 23, 2023Updated 3 years ago
- Oriana is a threat hunting tool that leverages a subset of Windows events to build relationships, calculate totals and run analytics. The…☆175Jun 10, 2021Updated 4 years ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆419Mar 21, 2025Updated last year
- Basic guide for performing a Physical PenTest - Nist 800-12, 800-53, 800-115, 800-152☆23Jan 1, 2023Updated 3 years ago
- Azure Deployment Templates for Mandiant Managed Hunting☆12Jun 1, 2023Updated 2 years ago
- Make everyone in your VLAN ASRep roastable☆255Oct 7, 2025Updated 6 months ago
- All about CVE-2022-30190, aka Follina, which is an RCE vulnerability that affects Microsoft Support Diagnostic Tools (MSDT) on Office apps …☆22Aug 6, 2022Updated 3 years ago
- A 2-in-1 toolset of https://github.com/x0rz/EQGRP_Lost_in_Translation and https://github.com/x0rz/EQGRP☆27Aug 2, 2019Updated 6 years ago
- ☆38Aug 23, 2022Updated 3 years ago
- .NET wrapper around LogonUserA to test creds☆12Jun 2, 2022Updated 3 years ago
- A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365☆788Oct 29, 2022Updated 3 years ago
- Threat Hunter's Knowledge Base☆22Dec 27, 2021Updated 4 years ago
- Quick lookup files for SUNBURST Backdoor☆12Dec 15, 2020Updated 5 years ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆105Apr 22, 2026Updated last week