Top 23 PowerShell Security Projects

nishang

15 8,324 0.0 PowerShell

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

Project mention: PowerShell evasion | /r/AskNetsec | 2023-09-24

Penetration-Testing-Tools

3 2,407 4.1 PowerShell

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
windows_hardening

14 2,153 7.4 PowerShell

HardeningKitty and Windows Hardening settings and configurations
HardeningKitty

14 1,133 2.9 PowerShell

HardeningKitty - Checks and hardens your Windows configuration

Project mention: If You Had To Create All IT Policies From Scratch | /r/sysadmin | 2023-06-29

Also Hardening-Kitty. https://github.com/scipag/HardeningKitty

Harden-Windows-Security

10 1,130 9.9 PowerShell

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

Project mention: BitLocker, TPM and Pluton | What Are They and How Do They Work | /r/cybersecurity | 2023-09-03

We learned how important it is to use BitLocker and protect our data at rest. The Harden Windows Security repository employs BitLocker to encrypt the operation system drive and optionally any other drives that user chooses to. It utilizes the most secure configuration and military grade encryption algorithm, XTS-AES-256, TPM 2.0 and Start-up PIN.

PowerZure

1 1,029 4.2 PowerShell

PowerShell framework to assess Azure security
Windows-Optimize-Harden-Debloat

1 1,010 7.6 PowerShell

Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
monkey365

2 709 6.6 PowerShell

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
red_team_attack_lab

5 475 4.5 PowerShell

Red Team Attack Lab for TTP testing & research

Project mention: Can anyone describe their red team infrastructure? | /r/redteamsec | 2023-05-04

MAAD-AF

15 327 7.6 PowerShell

MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
WiFi-password-stealer

1 317 6.9 PowerShell

Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).

Project mention: Show HN: BadUSB that can exfiltrate stored WiFi passwords | news.ycombinator.com | 2023-10-08

MrKaplan

1 247 3.4 PowerShell

MrKaplan is a tool aimed to help red teamers to stay hidden by clearing evidence of execution.
AZSentinel

2 225 0.0 PowerShell

PowerShell module for Azure Sentinel
awesome-lists

1 199 9.7 PowerShell

Security lists for SOC detections (by mthcht)

Project mention: List of suspicious ports | /r/cybersecurity | 2023-05-22

private-secure-windows

7 153 3.5 PowerShell

Privacy and security baseline for personal Windows 10 and Windows 11

Project mention: Private and Secure Windows | news.ycombinator.com | 2023-11-21

WindowsFirewallRuleset

1 152 8.2 PowerShell

PowerShell scripts to automatically create rules for Windows firewall
Purpleteam

1 119 8.3 PowerShell

Purpleteam scripts simulation & Detection - trigger events for SOC detections
PSMDATP

2 67 0.0 PowerShell

PowerShell Module for managing Microsoft Defender Advanced Threat Protection
Standalone-Windows-Server-STIG-Script

1 56 6.2 PowerShell

Enhance the security and compliance of your standalone Windows servers with our STIG script, specifically designed to meet DoD STIG/SRG requirements and NSACyber guidance. Achieve ultimate Windows Server protection with our easy-to-use script.
ExploitProtection

2 50 9.7 PowerShell

Windows Exploit Protection Settings (Ultimate)

Project mention: Windows Exploit Protection Manager | /r/Windows10 | 2023-10-10

Public-Scripts

6 22 5.5 PowerShell

Various Scripts and Tools for Microsoft Technologies Professionals
DomainProtect

1 16 2.5 PowerShell

Protect domains from malicious browser extensions
CVE-2023-36884-Checker

1 14 5.1 PowerShell

Script to check for CVE-2023-36884 hardening

Project mention: Scripts pour vérifier si les mitigations de la CVE-2023-36884 (zero-day office) sont en place | /r/Sysadmin_Fr | 2023-07-19

SaaSHub

www.saashub.com sponsored

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-11-21.

PowerShell Security related posts

Private and Secure Windows
1 project | news.ycombinator.com | 21 Nov 2023
PowerShell evasion
1 project | /r/AskNetsec | 24 Sep 2023
BitLocker, TPM and Pluton | What Are They and How Do They Work
1 project | /r/cybersecurity | 3 Sep 2023
Clean Source principle, Azure and Privileged Access Workstations
1 project | /r/cybersecurity | 26 Aug 2023
Comparison of security benchmarks and dangers of following them!
1 project | /r/cybersecurity | 19 Aug 2023
Created total BYOVD Kernel-level protection for Windows using Windows Defender Application Control
1 project | /r/cybersecurity | 28 Jul 2023
WDAC policy for BYOVD Kernel mode only protection
1 project | /r/purpleteamsec | 11 Jul 2023
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024

The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Index

What are some of the best open-source Security projects in PowerShell? This list will help you:

	Project	Stars
1	nishang	8,324
2	Penetration-Testing-Tools	2,407
3	windows_hardening	2,153
4	HardeningKitty	1,133
5	Harden-Windows-Security	1,130
6	PowerZure	1,029
7	Windows-Optimize-Harden-Debloat	1,010
8	monkey365	709
9	red_team_attack_lab	475
10	MAAD-AF	327
11	WiFi-password-stealer	317
12	MrKaplan	247
13	AZSentinel	225
14	awesome-lists	199
15	private-secure-windows	153
16	WindowsFirewallRuleset	152
17	Purpleteam	119
18	PSMDATP	67
19	Standalone-Windows-Server-STIG-Script	56
20	ExploitProtection	50
21	Public-Scripts	22
22	DomainProtect	16
23	CVE-2023-36884-Checker	14