PSRansom is a PowerShell Ransomware Simulator with C2 Server capabilities. This tool helps you simulate encryption process of a generic ransomware in any system on any system with PowerShell installed on it. Thanks to the integrated C2 server, you can exfiltrate files and receive client information via HTTP.
All communication between the two elements is encrypted or encoded so as to be undetected by traffic inspection mechanisms, although at no time is HTTPS used at any time.
It is recommended to clone the complete repository or download the zip file. You can do this by running the following command:
git clone https://github.com/JoelGMSec/PSRansom
Usage
.\PSRansom -h
_ _
| \/ || _ \ _ _ _ _ _ | |) _ | |) / ‘ | ‘ \/ |/ _ | ‘_ ‘ _ \ | / ) | _ < (| | | | _ \ () | | | | | | || |/|| ___,|| ||/_/|| || |_|
—————– by @JoelGMSec —————-
Info: This tool helps you simulate encryption process of a
generic ransomware in PowerShell with C2 capabilities
Usage: .\PSRansom.ps1 -e Directory -s C2Server -p C2Port
Encrypt all files & sends recovery key to C2Server
Use -x to exfiltrate and decrypt files on C2Server
.\PSRansom.ps1 -d Directory -k RecoveryKey
Decrypt all files with recovery key string
Warning: All info will be sent to the C2Server without any encryption
You need previously generated recovery key to retrieve files
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…