WithSecureLabs / RemotePSpy
RemotePSpy provides live monitoring of remote PowerShell sessions, which is particularly useful for older (pre-5.0) versions of PowerShell which do not have comprehensive logging facilities built in.
☆18Updated 5 years ago
Alternatives and similar repositories for RemotePSpy:
Users that are interested in RemotePSpy are comparing it to the libraries listed below
- ☆25Updated 6 years ago
- Set of ultra technical notes about AD☆18Updated 6 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Updated 6 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- Microsoft Applocker evasion tool☆38Updated 5 years ago
- ☆26Updated 6 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events☆15Updated 4 years ago
- ☆21Updated 7 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆27Updated 5 years ago
- windows-operating-system-archaeology @Enigma0x3 @subTee☆45Updated 7 years ago
- Microsoft Flow Attack Framework☆23Updated 5 years ago
- Miscellaneous PowerShell scripts for red team activities☆16Updated 4 months ago
- simple demo of using C# & System.Management.Automation.dll to run powershell code (b64 encoded) without powershell.exe☆14Updated 8 years ago
- ☆53Updated 5 years ago
- Obtains a crackable hash for the current user account☆23Updated 6 years ago
- cobalt strike stuff I have gathered from around github☆31Updated 7 years ago
- Useful Windows and AD tools☆15Updated 3 years ago
- A PowerShell script to parse the docx/docm file format and update the template location.☆17Updated 5 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆33Updated 5 years ago
- Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.☆31Updated 8 years ago
- few months old but better than nothing☆58Updated 3 years ago
- ☆40Updated 6 years ago
- Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline☆35Updated 5 years ago
- Data exfiltration using reflective DNS resolution covert channel☆51Updated 7 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆58Updated 6 years ago
- A cross platform tool for verifying credentials and executing single commands☆32Updated 5 years ago
- Detecting PowerShell Empire, Metasploit Meterpreter and Cobalt Strike agents by payload size sequence analysis and host correlation☆16Updated 6 years ago
- BlueKeep powershell scanner (based on c# code)☆39Updated 5 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆53Updated 11 months ago