t3l3machus / PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
☆790Updated 2 months ago
Related projects: ⓘ
- Windows Local Privilege Escalation Cookbook☆919Updated 5 months ago
- A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec☆857Updated this week
- A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage Power…☆628Updated 4 months ago
- During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target…☆689Updated last month
- This cheat sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell.☆487Updated last month
- PowerShell Ransomware Simulator with C2 Server☆456Updated 8 months ago
- Killer tool is designed to bypass AV/EDR security tools using various evasive techniques.☆706Updated 2 months ago
- ☆653Updated 5 months ago
- Powershell tool to automate Active Directory enumeration.☆980Updated last month
- Script for generating revshells☆451Updated last week
- ☆426Updated this week
- A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoi…☆506Updated 7 months ago
- Dumping DPAPI credz remotely☆941Updated last month
- Simple & Powerful PowerShell Script Obfuscator☆432Updated last year
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆608Updated 8 months ago
- Send phishing messages and attachments to Microsoft Teams users☆1,023Updated 3 months ago
- Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in…☆468Updated last month
- Little user-mode AV/EDR evasion lab for training & learning purposes☆976Updated 4 months ago
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.☆1,744Updated last month
- A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)☆953Updated 3 months ago
- A light-weight first-stage C2 implant written in Nim.☆780Updated last month
- Redeye is a tool intended to help you manage your data during a pentest operation☆461Updated 3 weeks ago
- An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer☆695Updated last year
- An List of my own Powershell scripts, commands and Blogs for windows Red Teaming.☆340Updated 2 weeks ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the …☆1,066Updated 2 months ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆843Updated 3 months ago
- C# Data Collector for BloodHound☆708Updated last week
- Amnesiac is a post-exploitation framework entirely written in PowerShell and designed to assist with lateral movement within Active Direc…☆323Updated last week
- A RedTeam Toolkit☆377Updated 7 months ago