PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation on the scale, and post exploitation actions such as OS command execution. It is intended to be used during internal penetration tests and red team engagements.
However, PowerUpSQL also includes many functions that can be used by administrators to quickly inventory the SQL Servers in their ADS domain and perform common threat hunting tasks related to SQL Server.
Also Read Burpsuite – A Beginner’s Guide For Web Application Security or Penetration Testing
Install-Module -Name PowerUpSQL
Download the project and import it. This does not require administrative privileges and will only be imported into the current session. However, it may be blocked by restrictive execution policies.Import-Module PowerUpSQL.psd1
Load it into a session via a downloading cradle. This does not require administrative privileges and will only be imported into the current session. It should not be blocked by executions policies.IEX(New-Object System.Net.WebClient).DownloadString("https://raw.githubusercontent.com/NetSPI/PowerUpSQL/master/PowerUpSQL.ps1")
Note: To run as an alternative domain user, use the runas command to launch PowerShell first.
runas /noprofile /netonly /user:domain\user PowerShell.exe
Get-Command -Module PowerUpSQL
Get-Help FunctionName
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…