# Tools [![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/Y8Y41FQ2GA) {% embed url="" %} {% embed url="" %} ## All precompiled CPTS Windows Tools ### From my MEGA account

{% embed url="" %} ### Some tools are also on my Github

{% embed url="" %} ## Other Tools from my MEGA Account {% embed url="" %} ## Powershell Tools {% embed url="" %} ## Impacket example scripts compiled for Windows {% embed url="" %} ## Precompiled C# Tools {% embed url="" %} {% embed url="" %} ## Other Tools ### Adalanche {% embed url="" %} ### Cable Active Directory Enumeration & Exploitation Tool {% embed url="" %} ### WinPwn {% embed url="" %} ### linWinPwn {% embed url="" %} ### PingCastle {% embed url="" %} ``` pingcastle.exe --healthcheck --server --user --password --advanced-live --nullsession pingcastle.exe --healthcheck --server domain.local pingcastle.exe --graph --server domain.local pingcastle.exe --scanner scanner_name --server domain.local available scanners are:aclcheck,antivirus,computerversion,foreignusers,laps_bitlocker,localadmin,nullsession,nullsession-trust,oxidbindings,remote,share,smb,smb3querynetwork,spooler,startup,zerologon,computers,users ``` ### Purple Knight {% embed url="" %} ### ADPulse {% embed url="" %} ### ADcheck {% embed url="" %} ### Script Sentry {% embed url="" %} ### Sikara {% embed url="" %} ### Bloodhound-QuickWin ``` bloodhound-quickwin -u neo4j -p exegol4thewin ``` {% embed url="" %} ### AD Miner {% embed url="" %} ### Metasploit {% content-ref url="/pages/dtkGhaNT9goTjNNZVnYQ" %} [Metasploit](/0xss0rz/pentest/tools/metasploit.md) {% endcontent-ref %} ### NetExec {% content-ref url="/pages/HNzpgVH5ZoVTvC3HBY9m" %} [NetExec - CME](/0xss0rz/pentest/tools/netexec-cme.md) {% endcontent-ref %} ### Amnesiac {% embed url="" %} ### PsMapExec nxc in powershell {% embed url="" %} ### Mimikatz {% content-ref url="/pages/RyOH5l3XbYdEQwoowuVE" %} [Mimikatz](/0xss0rz/pentest/tools/mimikatz.md) {% endcontent-ref %} ### BetterSafetyKatz {% embed url="" %} ### Rubeus {% content-ref url="/pages/2ZteWA69O9XNN9mpS8Li" %} [Rubeus](/0xss0rz/pentest/tools/rubeus.md) {% endcontent-ref %} ### Evil-WinRM {% content-ref url="/pages/5zE4duLRkawZtstWjbb7" %} [Evil-WinRM](/0xss0rz/pentest/tools/evil-winrm.md) {% endcontent-ref %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://0xss0rz.gitbook.io/0xss0rz/pentest/internal-pentest/tools.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.