Invoke-Stealth : Simple And Powerful PowerShell Script Obfuscator

Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator.

This tool helps you to automate the obfuscation process of any script written in PowerShell with different techniques. You can use any of them separately, together or all of them sequentially with ease, from Windows or Linux.

Requirements

  • Powershell 4.0 or higher
  • Bash*
  • Python 3*

*Required to use all features

Download

It is recommended to clone the complete repository or download the zip file. You can do this by running the following command:

git clone https://github.com/JoelGMSec/Invoke-Stealth.git

You can also download the limited version as follows:

powershell iwr -useb https://darkbyte.net/invoke-stealth.php -outfile Invoke-Stealth.ps1

Usage

.\Invoke-Stealth.ps1 -help
Info: This tool helps you to automate the obfuscation process of
any script written in PowerShell with different techniques
Usage: .\Invoke-Stealth.ps1 script.ps1 -technique Xencrypt
– You can use as single or separated by commas –
Techniques:
· Chimera: Substitute strings and concatenate variables
· Xencrypt: Compresses and encrypts with random iterations
· PyFuscation: Obfuscate functions, variables and parameters
· PSObfuscation: Convert content to bytes and encode with Gzip
· ReverseB64: Encode with base64 and reverse it to avoid detections
· All: Sequentially executes all techniques described above
Warning: The output script will exponentially multiply the original size
Chimera & PyFuscation need dependencies to work properly in Windows

The detailed guide of use can be found at the following link:

https://darkbyte.net/ofuscando-scripts-de-powershell-con-invoke-stealth

R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

15 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

15 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

15 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

15 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

15 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

18 hours ago