Kali
Description Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory (AD) penetration testing and security assessment. The scripts cover various aspects of AD enumeration, user and group management, computer enumeration, network and security analysis, and more. The toolkit is intended for …
Continue reading “AD_Enumeration_Hunt – AD Pentesting Toolkit”
This is a powershell reverse shell that executes the commands and or scripts that you add to the powerreverse.ps1 file as well as a small library of Post-Exploitation scripts. This also can be used for post exploitation and lateral movement even. Please use at your own risk I am not and will not be responsible …
Invoke-PSObfuscation is an in-depth approach to obfuscating the individual components of a PowerShell payload whether you’re on Windows or Kali Linux. Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue to have a varied degree of success, but they have become trivial to extract …
Powershell-Backdoor-Generator is a reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every build. With the capabilties to create a Flipper Zero/ Hak5 USB Rubber ducky payload. Features Standard backdoor C:\Users\DrewQ\Desktop\powershell-backdoor-main> python .\listen.py –verbose [*] Encoding backdoor script [*] Saved backdoor backdoor.ps1 sha1:32b9ca5c3cd088323da7aed161a788709d171b71 [*] Starting Backdoor …
FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV / JSON file exports of various objects and their attributes, enriched with timestamps from replication metadata. Additionally, if executed with replication privileges, the Directory Replication Service (DRS) …
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams. What separates Codecepticon from other obfuscators is that it targets the source code rather than the compiled executables, and was developed specifically for AV/EDR evasion. Codecepticon allows …
Collect-MemoryDump is automated Creation of Windows Memory Snapshots for DFIR. Collect-MemoryDump.ps1 is PowerShell script utilized to collect a Memory Snapshot from a live Windows system (in a forensically sound manner). Features First Public Release MAGNET Talks – Frankfurt, Germany (July 27, 2022)Presentation Title: Modern Digital Forensics and Incident Response Techniqueshttps://www.magnetforensics.com/ Download Download the latest version …
Continue reading “Collect-MemoryDump : Automated Creation Of Windows Memory Snapshots For DFIR”
Octopus is an open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S. The main purpose of creating Octopus is for use before any red team operation, where rather than starting the engagement with your full operational arsenal and infrastructure, you can use Octopus first to attack the …
Continue reading “Octopus : Open Source Pre-Operation C2 Server Based On Python And Powershell”
PowerShx is a rewrite and expansion on the PowerShdll project. PowerShx provide functionalities for bypassing AMSI and running PS Cmdlets. Features Run Powershell with DLLs using rundll32.exe, installutil.exe, regsvcs.exe or regasm.exe, regsvr32.exe. Run Powershell without powershell.exe or powershell_ise.exe AMSI Bypass features. Run Powershell scripts directly from the command line or Powershell files Import Powershell modules and execute …
Continue reading “PowerShx : Run Powershell Without Software Restrictions”
PowerShx is a rewrite and expansion on the PowerShdll project. PowerShx provide functionalities for bypassing AMSI and running PS Cmdlets. Features Run Powershell with DLLs using rundll32.exe, installutil.exe, regsvcs.exe or regasm.exe, regsvr32.exe. Run Powershell without powershell.exe or powershell_ise.exe AMSI Bypass features. Run Powershell scripts directly from the command line or Powershell files Import Powershell modules and execute …
Continue reading “PowerShx : Run Powershell Without Software Restrictions”
.png)
.png)
.png)
