The Roslyn .NET compiler provides C# and Visual Basic languages with rich code analysis APIs.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Exports Discord chat logs to a file

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

Book Manager and Automation (Sonarr for Ebooks)

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.

Run PowerShell with rundll32. Bypass software restrictions.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

PowerShell Runspace Post Exploitation Toolkit

PowerForensics provides an all in one platform for live disk forensic analysis

SharpDPAPI is a C# port of some Mimikatz DPAPI functionality.

Spartacus DLL/COM Hijacking Toolkit

Hunts out CobaltStrike beacons and logs operator command output

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!

Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.

Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).

CyLR - Live Response Collection Tool

This application allows you to put various limits on Windows processes.

Detect and respond to Cobalt Strike beacons using ETW.

Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber

Access Manager provides web-based access to local admin (LAPS) passwords, BitLocker recovery keys, and just-in-time administrative access to Windows computers in a modern, secure, and user-friendly…

Lazykatz is an automation developed to extract credentials from remote targets protected with AV and/or application whitelisting software.

Outlook add-in companion to report suspicious mail easily

Parses amcache.hve files, but with a twist!

http://moaistory.blogspot.com/2018/10/winsearchdbanalyzer.html

Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes.

A C# based tool for analysing malicious OneNote documents