Collection of PowerShell functions a Red Teamer may use in an engagement
☆547Dec 8, 2023Updated 2 years ago
Alternatives and similar repositories for PowerShell-Red-Team
Users that are interested in PowerShell-Red-Team are comparing it to the libraries listed below
Sorting:
- ☆1,669Apr 14, 2025Updated 10 months ago
- Automation for internal Windows Penetrationtest / AD-Security☆3,644Aug 28, 2025Updated 6 months ago
- Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.☆1,569Nov 9, 2021Updated 4 years ago
- Azure Security Resources and Notes☆1,711Feb 17, 2026Updated last week
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆2,132Nov 28, 2024Updated last year
- Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware☆603Aug 27, 2024Updated last year
- A lightweight tool to quickly extract valuable information from the Active Directory environment for both attacking and defending.☆634Oct 18, 2025Updated 4 months ago
- ☆360Apr 24, 2021Updated 4 years ago
- WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations☆372Oct 30, 2020Updated 5 years ago
- PowerShell rebuilt in C# for Red Teaming purposes☆1,050Jan 27, 2026Updated last month
- Some usefull Scripts and Executables for Pentest & Forensics☆1,152Dec 11, 2025Updated 2 months ago
- PowerShell Script Obfuscator☆597Nov 2, 2023Updated 2 years ago
- PowerShell payload generator☆120Sep 30, 2021Updated 4 years ago
- ☆540Nov 20, 2021Updated 4 years ago
- .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py☆607Feb 16, 2023Updated 3 years ago
- ☆667Nov 17, 2021Updated 4 years ago
- OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team…☆820Oct 27, 2023Updated 2 years ago
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,874Aug 18, 2023Updated 2 years ago
- The Hunt for Malicious Strings☆1,363May 13, 2025Updated 9 months ago
- Some notes and examples for cobalt strike's functionality☆1,127Feb 8, 2022Updated 4 years ago
- A C# MS SQL toolkit designed for offensive reconnaissance and post-exploitation.☆779Oct 16, 2025Updated 4 months ago
- Template-Driven AV/EDR Evasion Framework☆1,779Nov 3, 2023Updated 2 years ago
- Various PowerShell scripts that may be useful during red team exercise☆960Apr 28, 2022Updated 3 years ago
- BloodyAD is an Active Directory Privilege Escalation Framework☆2,098Updated this week
- Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab☆2,257Apr 12, 2024Updated last year
- Windows Privilege Escalation from User to Domain Admin.☆1,439Dec 18, 2022Updated 3 years ago
- Kerberoast attack -pure python-☆433Nov 30, 2023Updated 2 years ago
- Obfuscate powershell scripts by replacing Function names, Variables and Parameters.☆522Nov 26, 2022Updated 3 years ago
- Custom Query list for the Bloodhound GUI based off my cheatsheet☆837Oct 29, 2025Updated 4 months ago
- The Shadow Attack Framework☆1,116Sep 4, 2022Updated 3 years ago
- A PowerShell armoury for security guys and girls☆468Jan 23, 2024Updated 2 years ago
- Hide your Powershell script in plain sight. Bypass all Powershell security features☆1,304Aug 19, 2019Updated 6 years ago
- Cobalt Strike kit for Lateral Movement☆678Feb 21, 2020Updated 6 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 2 years ago
- StandIn is a small .NET35/45 AD post-exploitation toolkit☆839Dec 2, 2023Updated 2 years ago
- SpoolSample -> Responder w/NetNTLM Downgrade -> NetNTLMv1 -> NTLM -> Kerberos Silver Ticket☆928Jul 26, 2021Updated 4 years ago
- Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀☆1,128Oct 21, 2024Updated last year
- ☆1,532Aug 11, 2023Updated 2 years ago
- Run PowerShell with rundll32. Bypass software restrictions.☆1,822Mar 17, 2021Updated 4 years ago