t3l3machus / PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
☆979Updated 8 months ago
Alternatives and similar repositories for PowerShell-Obfuscation-Bible:
Users that are interested in PowerShell-Obfuscation-Bible are comparing it to the libraries listed below
- Dominate Active Directory with PowerShell. Inspired by CrackMapExec / NetExec.☆950Updated 3 weeks ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆694Updated this week
- Windows Local Privilege Escalation Cookbook☆1,084Updated 2 months ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆511Updated 7 months ago
- AV/EDR Evasion Lab for Training & Learning Purposes☆1,219Updated last month
- Send phishing messages and attachments to Microsoft Teams users☆1,069Updated 9 months ago
- Dumping DPAPI credz remotely☆1,104Updated last week
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆409Updated 2 weeks ago
- Powershell tool to automate Active Directory enumeration.☆1,081Updated last month
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,637Updated 5 months ago
- This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.☆555Updated 5 months ago
- Simple & Powerful PowerShell Script Obfuscator☆555Updated last year
- smbclient-ng, a fast and user friendly way to interact with SMB shares.☆896Updated last week
- Script for generating revshells☆466Updated 6 months ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆654Updated last year
- The Hunt for Malicious Strings☆1,183Updated 2 years ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆707Updated last year
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques.☆791Updated 9 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆722Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,173Updated last year
- A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)☆1,104Updated 10 months ago
- linWinPwn is a bash script that streamlines the use of a number of Active Directory tools☆1,942Updated 3 weeks ago
- Active Directory Auditing and Enumeration☆438Updated last week
- BloodyAD is an Active Directory Privilege Escalation Framework☆1,555Updated 2 weeks ago
- ☆706Updated last year
- Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests…☆263Updated 3 months ago
- A light-weight first-stage C2 implant written in Nim (and Rust).☆863Updated this week
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆567Updated 9 months ago
- PowerShell Ransomware Simulator with C2 Server☆477Updated last year
- Red Team Cheatsheet in constant expansion.☆1,167Updated last year