Amnesiac: The Power of PowerShell in Active Directory Post-Exploitation

Amnesiac is a post-exploitation framework designed to assist with lateral movement within active directory environments.

Amnesiac is being developed to bridge a gap on Windows OS, where post-exploitation frameworks are not readily available unless explicitly installed. In fact, it is entirely written in PowerShell, and can be loaded and executed in memory, just like any other PowerShell script.

If you find Amnesiac valuable and you like this project, please consider giving us a star on GitHub. Your support motivates the developer to continue improving and maintaining this project.

Please read the documentation to get the best out of Amnesiac: https://leo4j.gitbook.io/amnesiac/

Load and run

iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/Leo4j/Amnesiac/main/Amnesiac.ps1');Amnesiac

Key Features

Command Execution over Named-Pipes (SMB)

Amnesiac sends commands and receives outputs through Named Pipes, ensuring discreet and efficient post-exploitation activities.

No Installation Required

Unlike traditional frameworks, Amnesiac does not require installation. It operates entirely in memory, reducing the risk of detection and forensic footprint.

User-Friendly Framework

Amnesiac is designed with usability in mind. It provides a user-friendly interface, making it accessible and efficient for both beginners and experienced users.

Versatile Post-Exploitation Modules

Amnesiac comes equipped with an array of post-exploitation modules, ranging from keyloggers to Kerberos ticket dumping tools. These modules can be seamlessly integrated into your testing and assessment workflows.

Acknowledgments

Amnesiac relies on few other projects for its modules. In each module, you’ll find reference link information, ensuring proper attribution to the original creators.

Support and Contributions

Contributions and feedback from the community are highly encouraged and appreciated.