πAutoRuns is a PowerShell module that will help do live incident response and enumerate autoruns artifacts that may be used by legitimate programs as well as malware to achieve persistence.
β292Mar 29, 2026Updated last month
Alternatives and similar repositories for AutoRuns
Users that are interested in AutoRuns are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Gives context to a system. Uses EQGRP shadow broker leaked list to give some descriptions to processes.β47Jun 5, 2017Updated 8 years ago
- Python script for analyis of the "Trust.csv" file generated by Veil PowerView. Provides graph based analysis and output.β121Aug 18, 2020Updated 5 years ago
- PowerForensics provides an all in one platform for live disk forensic analysisβ1,431Nov 16, 2023Updated 2 years ago
- Generates anti-sandbox analysis HTA files without payloadsβ121Mar 16, 2017Updated 9 years ago
- PowerKrabsEtw is a PowerShell interface for doing real-time ETW tracing.β103Nov 17, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- PowerShell Empire module for logging USB keystrokes via ETWβ31Nov 11, 2016Updated 9 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.β321Jun 5, 2017Updated 8 years ago
- POC Highlighting Obfuscation Techniques used by FIN threat actors based on cmd.exe's replace functionality and cmd.exe/powershell.exe's sβ¦β107Jul 2, 2017Updated 8 years ago
- This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.β387Jun 25, 2024Updated last year
- Powershell module to assist in attacking Exchange/Outlook Web Accessβ182Sep 22, 2016Updated 9 years ago
- Custom scripts released for BSidesDC 2016β14Oct 19, 2016Updated 9 years ago
- Fileless SQL Server CLR-based Custom Stored Procedure Command Executionβ35Mar 6, 2017Updated 9 years ago
- β67Dec 19, 2018Updated 7 years ago
- CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across alβ¦β659Aug 19, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Automated, Collection, and Enrichment Platformβ326Nov 14, 2019Updated 6 years ago
- PowerShell module to play with Kerberos S4U extensionsβ52Apr 2, 2017Updated 9 years ago
- A script for advanced discovery of Privileged Accounts - includes Shadow Adminsβ830Sep 9, 2019Updated 6 years ago
- β266Oct 25, 2025Updated 6 months ago
- Exploit the credentials present in files and memoryβ844May 25, 2023Updated 2 years ago
- Currently not updated for WMIEvent module...β263Feb 23, 2016Updated 10 years ago
- Powershell Threat Hunting Moduleβ291Sep 21, 2016Updated 9 years ago
- Easily define in-memory enums, structs, and Win32 functions in PowerShellβ228Oct 14, 2018Updated 7 years ago
- Random Toolsβ850Oct 20, 2022Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI β’ AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- PoC: process watcher patterns to make killing a process hard.β11Aug 1, 2018Updated 7 years ago
- Windows PowerShell domain scanning toolβ54Apr 23, 2016Updated 10 years ago
- Port of eternal blue exploits to powershellβ151Jun 3, 2017Updated 8 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)β169Jun 8, 2017Updated 8 years ago
- Collection of PowerShell scriptsβ452Dec 18, 2017Updated 8 years ago
- Module to provide PowerShell functions that abstract Win32 API functionsβ252Jun 6, 2024Updated last year
- β80Sep 27, 2015Updated 10 years ago
- Invoke-LiveResponseβ150Feb 22, 2022Updated 4 years ago
- PSRecon gathers data from a remote Windows host using PowerShell (v2 or later), organizes the data into folders, hashes all extracted daβ¦β494Jul 29, 2017Updated 8 years ago
- GPUs on demand by Runpod - Special Offer Available β’ AdRun AI, ML, and HPC workloads on powerful cloud GPUsβwithout limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A PowerShell based utility for the creation of malicious Office macro documents.β1,108Nov 3, 2017Updated 8 years ago
- C# Targeted Attack Reconnissance Toolsβ120Jan 11, 2021Updated 5 years ago
- Executes common PowerSploit Powerview functions then combines output into a spreadsheet for easy analysis.β71Jul 26, 2018Updated 7 years ago
- Powershell VNC injectorβ344Jun 29, 2020Updated 5 years ago
- A .NET tool that uses AppDomain's to enable dynamic execution and escape detection.β29Nov 25, 2019Updated 6 years ago
- PowerShell Scripts focused on Post-Exploitation Capabilitiesβ321Dec 29, 2017Updated 8 years ago
- NetSPI PowerShell Scriptsβ345Feb 10, 2026Updated 2 months ago