1. AutoHotkey:
A scripting language that allows you to create automation scripts for Windows, such as keyboard shortcuts and macros.
2. Chocolatey:
A package manager for Windows, which simplifies installing, updating, and managing software.
3. NirCmd:
A small command-line utility that allows you to perform various tasks, such as changing display settings and muting volume.
4. Sysinternals Suite:
A collection of system utilities for diagnosing, monitoring, and analyzing Windows systems.
5. SharpHound:
The data collector used by BloodHound to gather Active Directory information for security analysis.
6. Mimikatz:
A post-exploitation tool to extract plaintext passwords, hashes, PINs, and Kerberos tickets from memory.
7. Pazuzu:
A reflective DLL loader that allows you to run binaries from memory, used for advanced Windows exploitation.
8. Empire:
A post-exploitation framework that uses PowerShell and Python agents for command-and-control operations.
9. Metasploit:
An open-source framework for developing, testing, and executing exploit code against remote targets.
10. WinPayloads:
A tool for generating undetectable Windows payloads that bypass antivirus and execute malicious code.
11. Invoke-Obfuscation:
A PowerShell obfuscator that allows you to create heavily obfuscated scripts to evade detection.
12. PowerSploit:
A collection of offensive PowerShell modules for pentesting and red teaming on Windows systems.
13. DeathStar:
A tool that automates the process of using Empire and BloodHound to attack Windows domains and escalate privileges.
14. Impacket:
A Python toolkit for working with network protocols, often used in pentesting to exploit SMB, WMI, and other services.
15. BloodHound:
A tool used to analyze and visualize Active Directory security and help identify paths for privilege escalation.
16. Responder:
An LLMNR, NBT-NS, and mDNS poisoner that steals credentials by tricking users into connecting to a malicious machine.
17. CrackMapExec:
A post-exploitation tool that helps automate the execution of common attacks in Active Directory environments.
18. UACMe:
A tool designed to bypass Windows User Account Control (UAC) to gain higher privileges.
19. Windows-Exploit-Suggester:
A tool that compares a Windows target's patch levels with the Microsoft vulnerability database to identify missing patches and potential exploits.