AD-Lab
Tools
ADACLScanner is a GUI tool used to create reports of discretionary access control lists (DACLs) and system access control lists (SACLs) in Active Directory. https://github.com/canix1/ADACLScanner/blob/master/ADACLScan.ps1
ADRecon is a tool which extracts and combines various artefacts out of an AD environment. https://github.com/sense-of-security/ADRecon/blob/master/ADRecon.ps1
BloodHound uses graph theory to reveal the hidden and often unintended relationships within an Active Directory environment. https://github.com/BloodHoundAD/BloodHound
Disable-AMSI https://github.com/KurtDeGreeff/PlayPowershell/blob/master/Disable-AMSI.ps1
Mimikatz extracts plaintext passwords, hashes, PIN codes and Kerberos tickets from memory. https://github.com/PowerShellMafia/PowerSploit
Invoke-PoshRatHttp is a reverse HTTP shell. https://github.com/samratashok/nishang/blob/master/Shells/Invoke-PoshRatHttp.ps1
Invoke-SMBExec is part of Invoke-TheHash, which contains PowerShell functions for performing pass-the-hash WMI and SMB tasks. https://github.com/Kevin-Robertson/Invoke-TheHash/blob/master/Invoke-SMBExec.ps1
PowerUp is a privilege escalation script. https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1
PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation at scale, and post-exploitation actions such as OS command execution. https://github.com/NetSPI/PowerUpSQL/blob/master/PowerUpSQL.ps1
PowerView is a PowerShell tool to gain network situational awareness on Windows domains. https://github.com/PowerShellMafia/PowerSploit/blob/master/Recon/PowerView.ps1
PowerView_dev is a PowerShell tool to gain network situational awareness on Windows domains. https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1