PowerRunAsAttached is a ported version of RunAsAttachedLocal in Powershell with inline CSharp.
This script allows to spawn a new interactive console as another user account in the same calling console (console instance/window).
One possible example is that this tool gives you with ease the possibility to do vertical / horizontal privilege escalation through your already established Netcat / WinRM session.
PowerBruteLogon is a ported version of WinBruteLogon in pure PowerShell
⚠️ Notice: this version is slower than WinBruteLogon but has the serious advantage of being 100% entirely coded in PowerShell. In a near future, password attempts will be distributed to separate threads to speed up the process. Also keep in mind that this method is very noisy, each failed attempt will get logged on Microsoft Windows Event Logs.
You might find useful information about the technique used in this PoC here
Map in current PowerShell Instance Memory .NET Assemblies from remote web server.
When Assembly is mapped, you can invoke it's main with a command line argument.
The advantage of this technique is to avoid having assemblies written on disk. Everything happens in memory.
I'm using this script during my penetration tests / labs right after getting an initial shell on Windows to load other .NET Tools (Ex: ShapHound, ShapUp etc..)