t3l3machus / PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
☆966Updated 7 months ago
Alternatives and similar repositories for PowerShell-Obfuscation-Bible:
Users that are interested in PowerShell-Obfuscation-Bible are comparing it to the libraries listed below
- A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec☆940Updated last month
- Windows Local Privilege Escalation Cookbook☆1,062Updated last month
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆659Updated 9 months ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆509Updated 6 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,604Updated 4 months ago
- ☆697Updated 11 months ago
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆399Updated last month
- Script for generating revshells☆463Updated 5 months ago
- Killer is a simple tool designed to bypass AV/EDR security tools using various evasive techniques.☆781Updated 8 months ago
- AV/EDR Evasion Lab for Training & Learning Purposes☆1,197Updated 2 weeks ago
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.☆1,904Updated this week
- This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation inc…☆488Updated 2 weeks ago
- Send phishing messages and attachments to Microsoft Teams users☆1,060Updated 8 months ago
- Simple & Powerful PowerShell Script Obfuscator☆553Updated last year
- This cheat sheet outlines common enumeration and attack methods for Windows Active Directory using PowerShell.☆550Updated 4 months ago
- AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover se…☆1,246Updated this week
- sandbox approach for malware developers and red teamers to test payloads against detection mechanisms before deployment☆561Updated 2 weeks ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆947Updated last year
- A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoi…☆519Updated last year
- An List of my own Powershell scripts, commands and Blogs for windows Red Teaming.☆393Updated last week
- Powershell tool to automate Active Directory enumeration.☆1,066Updated last week
- Awesome EDR Bypass Resources For Ethical Hacking☆1,101Updated last month
- PowerShell Ransomware Simulator with C2 Server☆474Updated last year
- Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework☆561Updated 8 months ago
- smbclient-ng, a fast and user friendly way to interact with SMB shares.☆850Updated 2 weeks ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆719Updated last year
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆899Updated 8 months ago
- linWinPwn is a bash script that streamlines the use of a number of Active Directory tools☆1,924Updated this week
- ☆531Updated 11 months ago
- A RedTeam Toolkit☆395Updated 4 months ago