.NET debugger and assembly editor

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Microsoft Azure PowerShell

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

An open-source, free protector for .NET applications

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

Implementation of Python 3.x for .NET Framework that is built on top of the Dynamic Language Runtime.

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Identifies the bytes that Microsoft Defender flags on.

SharpSploit is a .NET post-exploitation library written in C#

Run PowerShell with rundll32. Bypass software restrictions.

Active Directory certificate abuse.

Local Service to SYSTEM privilege escalation from Windows 7 to Windows 10 / Server 2019

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

Collection of Offensive C# Tooling

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts

The Hunt for Malicious Strings

SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by…

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A method of bypassing EDR's active projection DLL's by preventing entry point exection

C# implementation of harmj0y's PowerView

A C# Command & Control framework

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

The Boo Programming Language.

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into…