WithSecureLabs / RemotePSpy
RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShell which do not have comprehensive logging facilities built in.
☆18Updated 5 years ago
Alternatives and similar repositories for RemotePSpy:
Users that are interested in RemotePSpy are comparing it to the libraries listed below
- Microsoft Applocker evasion tool☆38Updated 5 years ago
- ☆25Updated 6 years ago
- ☆21Updated 7 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Updated 6 years ago
- Set of ultra technical notes about AD☆18Updated 6 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆27Updated 5 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆58Updated 6 years ago
- simple demo of using C# & System.Management.Automation.dll to run powershell code (b64 encoded) without powershell.exe☆14Updated 8 years ago
- ☆26Updated 6 years ago
- A cross platform tool for verifying credentials and executing single commands☆32Updated 5 years ago
- Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.☆31Updated 8 years ago
- Extracts Azure authentication tokens from PowerShell process minidumps.☆23Updated last year
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆33Updated 5 years ago
- BloodHound Data Scanner☆44Updated 4 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29Updated 6 years ago
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 4 years ago
- C# Implementation of Get-VaultCredential☆13Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 4 years ago
- BloodHound Cypher Queries Ported to a Jupyter Notebook☆53Updated 4 years ago
- LogRM is a post exploitation powershell script which it uses windows event logs to gather information about internal network☆73Updated 5 years ago
- A PowerShell script to parse the docx/docm file format and update the template location.☆17Updated 5 years ago
- ☆53Updated 5 years ago
- Obtains a list of GPOs based on known Client Side Extensions (CSE) that normally contain passwords☆33Updated 5 years ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆45Updated 7 years ago
- ☆16Updated 5 years ago
- Easily serve HTTP and DNS keys for proper payload protection☆59Updated 6 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆53Updated 11 months ago
- Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline☆35Updated 5 years ago
- Generate Mimikatz Golden Ticket commands with ease!☆51Updated 4 years ago