Impacket is a collection of Python classes for working with network protocols.

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell，支持批量A段/B段/C段以及跨网段扫描，支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等，大量高危漏洞检测模块MS17010、Zimbra、Exchange

Prometheus exporter for Windows machines

A Bypass Anti-virus Software Lateral Movement Command Execution Tool

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

K8Ladon大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

New generation of wmiexec.py

This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.

No description available

SharpWMI is a C# implementation of various WMI functionality.

sharpwmi是一个基于rpc的横向移动工具，具有上传文件和执行命令功能。

Windows protocol library, including SMB and RPC implementations, among others.

Battery, BIOS, CPU - processor, storage drive, keyboard, RAM - memory, monitor, motherboard, mouse, NIC - network adapter, printer, sound card - audio card, graphics card - video card. Hardware.Info is a .NET Standard 2.0 library and uses WMI on Windows, /dev, /proc, /sys on Linux and sysctl, system_profiler on macOS.

CimSweep is a suite of CIM/WMI-based tools that enable the ability to perform incident response and hunting operations remotely across all versions of Windows.

A codebase aimed to make interaction with Windows and native execution easier

Large base of notes on PowerShell, Linux and DevOps tools in ru language (cheat sheets and documentation).

使用多种WinAPI进行权限维持的CobaltStrike脚本，包含API设置系统服务，设置计划任务，管理用户等。

Spoofing the Windows 10 HDD/diskdrive serialnumber from kernel without hooking

This is the old repo for Pandora OPEN project (Pandora FMS OpenSource)

WMI for Go

No description available

Malicious WMI Events using PowerShell

This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.

WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement

Monitor temperature, control fan speeds, backlight color and more using WMI BIOS and the Embedded Controller. Lightweight, runs in the background with minimal footprint. Has a command-line mode too.

LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript

A command shell wrapper using only WMI for Microsoft Windows

No description available

Tool to monitor WMI activity on Windows

A Bring Your Own Land Toolkit that Doubles as a WMI Provider