| Tool | Description |
|---|---|
| Certify | Active Directory certificate abuse. |
| Get-ServiceACL | Retrieve the access control list (ACL) for a service running on a host. |
| GodPotato | Windows privilege escalation via token impersonation, supporting Windows Server 2012 to 2022. |
| Inveigh | LLMNR, NBNS, mDNS and DNS spoofing and man-in-the-middle tool written in C#. |
| MailSniper | Toolset for performing analysis and attacks on mail services. |
| Powecat | Netcat-like written in PowerShell. |
| PowerLurk | Toolset for building malicious WMI event subscriptions. |
| PowerSharpPack | Useful offensive C# projects wraped into Powershell for easy usage. |
| PowerSploit | PowerShell post-exploitation framework. |
| Rubeus | Toolset for raw Kerberos interaction and abuses. |
| Seatbelt | Security oriented host-survey "safety checks". |
| SharPersist | Toolkit for Windows persistence. |
| SharpUp | PowerUp-like tool written in C#. |
| Caplet | Description |
|---|---|
| dhcpv6-spoofing | DHCPv6 spoofing against target domains. |
| dns-spoofing | DNS spoofing with full wildcard resolution against target domains. |