Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator.
This tool helps you to automate the obfuscation process of any script written in PowerShell with different techniques. You can use any of them separately, together or all of them sequentially with ease, from Windows or Linux.
Requirements
*Required to use all features
Download
It is recommended to clone the complete repository or download the zip file. You can do this by running the following command:
git clone https://github.com/JoelGMSec/Invoke-Stealth.git
You can also download the limited version as follows:
powershell iwr -useb https://darkbyte.net/invoke-stealth.php -outfile Invoke-Stealth.ps1
Usage
.\Invoke-Stealth.ps1 -help
Info: This tool helps you to automate the obfuscation process of
any script written in PowerShell with different techniques
Usage: .\Invoke-Stealth.ps1 script.ps1 -technique Xencrypt
– You can use as single or separated by commas –
Techniques:
· Chimera: Substitute strings and concatenate variables
· Xencrypt: Compresses and encrypts with random iterations
· PyFuscation: Obfuscate functions, variables and parameters
· PSObfuscation: Convert content to bytes and encode with Gzip
· ReverseB64: Encode with base64 and reverse it to avoid detections
· All: Sequentially executes all techniques described above
Warning: The output script will exponentially multiply the original size
Chimera & PyFuscation need dependencies to work properly in Windows
The detailed guide of use can be found at the following link:
https://darkbyte.net/ofuscando-scripts-de-powershell-con-invoke-stealth
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…