πAutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitimate programs as well as malware to achieve persistence.
β292Mar 29, 2026Updated last month
Alternatives and similar repositories for AutoRuns
Users that are interested in AutoRuns are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.β47Jun 5, 2017Updated 8 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.β121Aug 18, 2020Updated 5 years ago
- PowerForensics provides an all in one platform for live disk forensic analysisβ1,433Nov 16, 2023Updated 2 years ago
- Generates anti-sandbox analysis HTA files without payloadsβ121Mar 16, 2017Updated 9 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.β103Nov 17, 2020Updated 5 years ago
- AI Agents on DigitalOcean Gradient AI Platform β’ AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- PowerShell Empire module for logging USB keystrokes via ETWβ31Nov 11, 2016Updated 9 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.β321Jun 5, 2017Updated 8 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's sβ¦β107Jul 2, 2017Updated 8 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.β387Jun 25, 2024Updated last year
- Powershell module to assist in attacking Exchange/Outlook Web Accessβ182Sep 22, 2016Updated 9 years ago
- Custom scripts released for BSidesDC 2016β14Oct 19, 2016Updated 9 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Executionβ35Mar 6, 2017Updated 9 years ago
- β67Dec 19, 2018Updated 7 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across alβ¦β659Aug 19, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Automated, Collection, and Enrichment Platformβ326Nov 14, 2019Updated 6 years ago
- PowerShell module to play with Kerberos S4U extensionsβ52Apr 2, 2017Updated 9 years ago
- A script for advanced discovery of Privileged Accounts - includes Shadow Adminsβ829Sep 9, 2019Updated 6 years ago
- β266Oct 25, 2025Updated 6 months ago
- Exploit the credentials present in files and memoryβ844May 25, 2023Updated 2 years ago
- Currently not updated for WMIEvent module...β263Feb 23, 2016Updated 10 years ago
- Powershell Threat Hunting Moduleβ291Sep 21, 2016Updated 9 years ago
- Easily define in-memory enums, structs, and Win32 functions in PowerShellβ228Oct 14, 2018Updated 7 years ago
- Random Toolsβ851Oct 20, 2022Updated 3 years ago
- Proton VPN Special Offer - Get 70% off β’ AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- PoC: process watcher patterns to make killing a process hard.β11Aug 1, 2018Updated 7 years ago
- Windows PowerShell domain scanning toolβ54Apr 23, 2016Updated 10 years ago
- Port of eternal blue exploits to powershellβ151Jun 3, 2017Updated 8 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)β170Jun 8, 2017Updated 8 years ago
- Collection of PowerShell scriptsβ452Dec 18, 2017Updated 8 years ago
- Module to provide PowerShell functions that abstract Win32 API functionsβ253Jun 6, 2024Updated last year
- Invoke-LiveResponseβ150Feb 22, 2022Updated 4 years ago
- PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted daβ¦β493Jul 29, 2017Updated 8 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.β1,108Nov 3, 2017Updated 8 years ago
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- C# Targeted Attack Reconnissance Toolsβ120Jan 11, 2021Updated 5 years ago
- β80Sep 27, 2015Updated 10 years ago
- Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.β71Jul 26, 2018Updated 7 years ago
- Powershell VNC injectorβ347Jun 29, 2020Updated 5 years ago
- A .NET tool that uses AppDomain's to enable dynamic execution and escape detection.β29Nov 25, 2019Updated 6 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilitiesβ321Dec 29, 2017Updated 8 years ago
- NetSPI PowerShell Scriptsβ345Feb 10, 2026Updated 3 months ago