As PowerShell becomes more prevalent in the Windows environment, so will its use for vulnerability assessments and penetration tests. I have covered a few such tools earlier, such as PowerSploit and PSAttack. However, none of the ones I mentioned help you detect network vulnerabilities. That is set to change with NetworkRecon, a script that helps you find anomalies in observable network protocols.
What is NetworkRecon?
NetworkRecon is an open source PowerShell network reconnaissance module which will
Read more about NetworkRecon: PowerShell to Identify Network Vulnerabilities!
Internal network exploitation is a completely different ballgame altogether. Many resources are trusted by default and security restrictions are minimal in most cases. One such resource that lacks security restrictions is the Microsoft Windows Server Update Services (WSUS). I have seen internal networks which lack SSL protection, because it is "not needed" for internal networks. This is where a script like WSUXploit comes into the picture!
Read more about WSUXploit: A Weaponized WSUS Exploit Script!
An older post describing Wifiphisher can be found here. Recently an update was made to the open source tool that helps you execute speedy and automated phishing attacks against wireless networks. Most notably, this new release includes the Lure10 attack, a novel way of automatically associating with any device within range that is running the latest Windows.
Read more about UPDATE: Wifiphisher v1.3!
A human is the weakest link in cyber security, and tools like Wifiphisher cement the fact. This tool exploits this weak link by launching a social-engineering attack that leads the user to a phishing page, where you can then get the user's password or install your stuff.
Read more about Wifiphisher: Perform Automated Customized Phishing Attacks Against Wi-Fi Clients!