githubfoam/windows_sandbox

windows_sandbox

windows CI workflow

os matrix CI workflow

- A command-line installer for Windows https://scoop.sh/
- The Package Manager for Windows https://chocolatey.org/
- Using a specific shell https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell
- Available Environments https://github.com/actions/virtual-environments

- Tools that assist in determining the source of Internet traffic include whois, traceroute, finger, ping, and nslookup. The Sam Spade utility provides all these tools and more in a graphical user interface https://www.sans.org/reading-room/whitepapers/tools/sam-spade-934
- Hyena is designed to both simplify and centralize nearly all of the day-to-day management tasks, while providing new capabilities for system administration https://www.systemtools.com/hyena/
- TaskShell, enumeration, recon https://github.com/RiccardoAncarani/TaskShell
- SSDP Service Discovery https://github.com/rvrsh3ll/SharpSSDP
- Open source Active Directory security audit framework https://github.com/airbus-seclab/bta

- UAC-bypass https://github.com/winscripting/UAC-bypass
- PowerShell SAP assessment tool https://github.com/airbus-seclab/powersap

- W3af is an extremely popular, powerful, and flexible framework for finding and exploiting web application vulnerabilities. skipfish is an active web application security reconnaissance tool. Wfuzz is a tool for bruteforcing web applications; it can be used for finding resources that are not linked (directories, servlets, scripts, etc.), bruteforcing GET and POST parameters for different kinds of injections (SQL, XSS, LDAP, etc.), bruteforcing form parameters (user/password), and fuzzing. Wapiti allows you to audit the security of your web applications https://sectools.org/tag/fuzzers/
- An extension for the original Fiddler web debugger to analyze malicious web traffic https://github.com/malwareinfosec/EKFiddle
- Burp Suite Community Edition, manual tools for exploring web security. Proxy your HTTPS traffic, edit and repeat requests, decode data https://portswigger.net/burp/communitydownload
- Hetty is an HTTP toolkit for security research https://github.com/dstotijn/hetty
- WinDump is the Windows version of tcpdump https://www.winpcap.org/windump/default.htm

- cpu_rec is a tool that recognizes CPU instructions in an arbitrary binary file. It can be used as a standalone tool, or as a plugin for binwalk https://github.com/airbus-seclab/cpu_rec
- Firmware Analysis Tool https://github.com/ReFirmLabs/binwalk
- Debugging Tools for Windows 10 (WinDbg) https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-download-tools
- GRR Rapid Response: remote live forensics for incident response https://github.com/google/grr
- Command line interface to dump LSASS memory to disk via SilentProcessExit https://github.com/deepinstinct/LsassSilentProcessExit

vagrant

- Builds Windows 2012R2/10/2016/2019 base Vagrant boxes using Packer and VirtualBox/Hyper-V/libvirt/qemu https://github.com/rgl/windows-vagrant
- GitHub's official command line tool https://github.com/cli/cli

office365

- https://github.com/eshlomo1/Microsoft-365-for-IT-and-Security
- https://github.com/Vet-2-tech/Office365-Security-Compliance-Screen-Scrapping-Checklist
- https://github.com/cscannell-inacloud/Office365-Security-Docs/tree/AndreaBarr-patch-1/SecurityCompliance
- https://github.com/diogo-fernan/powershell-ad-office365
- Elastic Beat for fetching and shipping Office 365 audit events https://github.com/counteractive/o365beat
- https://github.com/londonc/LMC-PSC
- Gets events from the Office 365 unified audit log and outputs their details into the pipeline https://github.com/counteractive/Get-UnifiedAuditLog
- Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page https://github.com/gremwell/o365enum