headi. Customisable and automated HTTP header injection
295FormThief. Spoofing desktop login applications with WinForms and WPF
179Graphpython. Modular cross-platform Microsoft Graph API (Entra, o365, and Intune) enumeration and exploitation toolkit
168ASRenum-BOF. Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations
167EDRenum-BOF. Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
135proctools. Small toolkit for extracting information and dumping sensitive strings from Windows processes
116SharpGraphView. Microsoft Graph API post-exploitation toolkit
95SharpSQL. Simple C# implementation of PowerUpSQL
95huntsman. Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io
83SigFinder. Identify binaries with Authenticode digital signatures signed to an internal CA/domain
40clovery. Cloud Discovery - brute force public AWS, GCP, Alibaba, and Azure cloud services
24Awesome-Advanced-Windows-Exploitation-References. List of Awesome Advanced Windows Exploitation References
1