Tools

LogoGitHub - Flangvik/SharpCollection: Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.GitHub
LogoGitHub - r3motecontrol/Ghostpack-CompiledBinaries: Compiled Binaries for Ghostpack (.NET v4.0)GitHub

All precompiled CPTS Windows Tools

From my MEGA account

Logo49.36 MB folder on MEGA

Some tools are also on my Github

LogoGitHub - 0xSs0rZ/Windows_Tools_Internal_PentestGitHub

Other Tools from my MEGA Account

Logo199.29 MB file on MEGA

Powershell Tools

LogoPowerSharpPack/PowerSharpBinaries at master ยท S3cur3Th1sSh1t/PowerSharpPackGitHub

Impacket example scripts compiled for Windows

LogoGitHub - maaaaz/impacket-examples-windows: The great impacket example scripts compiled for WindowsGitHub

Precompiled C# Tools

LogoGitHub - Flangvik/SharpCollection: Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.GitHub
LogoGitHub - jakobfriedl/precompiled-binaries: Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environmentsGitHub

Other Tools

Cable

Active Directory Enumeration & Exploitation Tool

LogoGitHub - logangoins/Cable: Active Directory Enumeration & Exploitation ToolGitHub

WinPwn

LogoGitHub - S3cur3Th1sSh1t/WinPwn: Automation for internal Windows Penetrationtest / AD-SecurityGitHub

linWinPwn

LogoGitHub - lefayjey/linWinPwn: linWinPwn is a bash script that streamlines the use of a number of Active Directory toolsGitHub

PingCastle

LogoHome - PingCastlePingCastle
pingcastle.exe --healthcheck --server <DOMAIN_CONTROLLER_IP> --user <USERNAME> --password <PASSWORD> --advanced-live --nullsession
pingcastle.exe --healthcheck --server domain.local
pingcastle.exe --graph --server domain.local
pingcastle.exe --scanner scanner_name --server domain.local
available scanners are:aclcheck,antivirus,computerversion,foreignusers,laps_bitlocker,localadmin,nullsession,nullsession-trust,oxidbindings,remote,share,smb,smb3querynetwork,spooler,startup,zerologon,computers,users

ADcheck

LogoGitHub - CobblePot59/ADcheck: Assess the security of your Active Directory with few or all privileges.GitHub

Script Sentry

LogoGitHub - techspence/ScriptSentry: ScriptSentry finds misconfigured and dangerous logon scripts.GitHub

Sikara

LogoGitHub - Orange-Cyberdefense/sikara: Ease and assist the compromise of an Active Directory environment.GitHub

Bloodhound-QuickWin

bloodhound-quickwin -u neo4j -p exegol4thewin
LogoGitHub - kaluche/bloodhound-quickwin: Simple script to extract useful informations from the combo BloodHound + Neo4jGitHub

AD Miner

LogoGitHub - Mazars-Tech/AD_Miner: AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknessesGitHub

Metasploit

Metasploit

NetExec

NetExec - CME

Amnesiac

LogoGitHub - Leo4j/Amnesiac: Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Directory environmentsGitHub

PsMapExec

nxc in powershell

LogoGitHub - The-Viper-One/PsMapExec: A PowerShell implementation of the popular CrackMapExec tool. No Linux required here!GitHub

Mimikatz

Mimikatz

BetterSafetyKatz

LogoGitHub - Flangvik/BetterSafetyKatz: Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.GitHub

Rubeus

Rubeus

Evil-WinRM

Evil-WinRM
PreviousInternal PentestNextMethodology & Cheatsheet

Last updated