πAutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitimate programs as well as malware to achieve persistence.
β292Mar 29, 2026Updated last week
Alternatives and similar repositories for AutoRuns
Users that are interested in AutoRuns are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.β47Jun 5, 2017Updated 8 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.β121Aug 18, 2020Updated 5 years ago
- PowerForensics provides an all in one platform for live disk forensic analysisβ1,429Nov 16, 2023Updated 2 years ago
- Generates anti-sandbox analysis HTA files without payloadsβ121Mar 16, 2017Updated 9 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.β103Nov 17, 2020Updated 5 years ago
- DigitalOcean Gradient AI Platform β’ AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- PowerShell Empire module for logging USB keystrokes via ETWβ32Nov 11, 2016Updated 9 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.β321Jun 5, 2017Updated 8 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's sβ¦β105Jul 2, 2017Updated 8 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.β388Jun 25, 2024Updated last year
- Powershell module to assist in attacking Exchange/Outlook Web Accessβ182Sep 22, 2016Updated 9 years ago
- Custom scripts released for BSidesDC 2016β14Oct 19, 2016Updated 9 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Executionβ35Mar 6, 2017Updated 9 years ago
- β67Dec 19, 2018Updated 7 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across alβ¦β659Aug 19, 2019Updated 6 years ago
- Virtual machines for every use case on DigitalOcean β’ AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Automated, Collection, and Enrichment Platformβ326Nov 14, 2019Updated 6 years ago
- PowerShell module to play with Kerberos S4U extensionsβ52Apr 2, 2017Updated 9 years ago
- A script for advanced discovery of Privileged Accounts - includes Shadow Adminsβ829Sep 9, 2019Updated 6 years ago
- β265Oct 25, 2025Updated 5 months ago
- Exploit the credentials present in files and memoryβ844May 25, 2023Updated 2 years ago
- Powershell Threat Hunting Moduleβ290Sep 21, 2016Updated 9 years ago
- Currently not updated for WMIEvent module...β262Feb 23, 2016Updated 10 years ago
- Easily define in-memory enums, structs, and Win32 functions in PowerShellβ228Oct 14, 2018Updated 7 years ago
- Random Toolsβ851Oct 20, 2022Updated 3 years ago
- DigitalOcean Gradient AI Platform β’ AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- PoC: process watcher patterns to make killing a process hard.β11Aug 1, 2018Updated 7 years ago
- Windows PowerShell domain scanning toolβ54Apr 23, 2016Updated 9 years ago
- Port of eternal blue exploits to powershellβ151Jun 3, 2017Updated 8 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)β169Jun 8, 2017Updated 8 years ago
- Collection of PowerShell scriptsβ451Dec 18, 2017Updated 8 years ago
- Module to provide PowerShell functions that abstract Win32 API functionsβ251Jun 6, 2024Updated last year
- β80Sep 27, 2015Updated 10 years ago
- Invoke-LiveResponseβ150Feb 22, 2022Updated 4 years ago
- PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted daβ¦β493Jul 29, 2017Updated 8 years ago
- Wordpress hosting with auto-scaling on Cloudways β’ AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- A PowerShell based utility for the creation of malicious Office macro documents.β1,110Nov 3, 2017Updated 8 years ago
- C# Targeted Attack Reconnissance Toolsβ120Jan 11, 2021Updated 5 years ago
- Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.β71Jul 26, 2018Updated 7 years ago
- Powershell VNC injectorβ341Jun 29, 2020Updated 5 years ago
- A .NET tool that uses AppDomain's to enable dynamic execution and escape detection.β29Nov 25, 2019Updated 6 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilitiesβ320Dec 29, 2017Updated 8 years ago
- NetSPI PowerShell Scriptsβ345Feb 10, 2026Updated last month