t3l3machus / PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
☆989Updated 9 months ago
Alternatives and similar repositories for PowerShell-Obfuscation-Bible:
Users that are interested in PowerShell-Obfuscation-Bible are comparing it to the libraries listed below
- Windows Local Privilege Escalation Cookbook☆1,096Updated 3 months ago
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆736Updated 3 weeks ago
- Dumping DPAPI credz remotely☆1,109Updated last month
- Dominate Active Directory with PowerShell. Inspired by CrackMapExec / NetExec.☆954Updated last month
- AV/EDR Evasion Lab for Training & Learning Purposes☆1,237Updated this week
- This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.☆561Updated 6 months ago
- Powershell tool to automate Active Directory enumeration.☆1,094Updated 3 weeks ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆415Updated last month
- Simple & Powerful PowerShell Script Obfuscator☆559Updated 2 years ago
- linWinPwn is a bash script that streamlines the use of a number of Active Directory tools☆1,949Updated last week
- Killer is a super simple tool designed to bypass AV/EDR security tools using various evasive techniques.☆804Updated 9 months ago
- PowerShell Ransomware Simulator with C2 Server☆478Updated last year
- During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target…☆713Updated 3 months ago
- An List of my Powershell scripts, commands and Blogs for windows Red Teaming.☆415Updated 2 months ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆510Updated 8 months ago
- ☆707Updated last year
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,644Updated 5 months ago
- Awesome EDR Bypass Resources For Ethical Hacking☆1,155Updated 2 months ago
- A light-weight first-stage C2 implant written in Nim (and Rust).☆871Updated 3 weeks ago
- SCCMHunter is a post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory domain.…☆750Updated 3 weeks ago
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.☆1,943Updated last month
- Script for generating revshells☆468Updated 7 months ago
- This repo contains some Amsi Bypass methods i found on different Blog Posts.☆1,890Updated 4 months ago
- smbclient-ng, a fast and user friendly way to interact with SMB shares.☆900Updated last month
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,175Updated last year
- C2 infrastructure over Microsoft Teams.☆656Updated 3 months ago
- A RedTeam Toolkit☆395Updated 3 weeks ago
- Active Directory Auditing and Enumeration☆448Updated 2 weeks ago
- This is for Ethical Use only.☆327Updated 3 weeks ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆964Updated last year