PowerShell – Page 6 – PentestTools

Unicorn – PowerShell Downgrade Attack

March 24, 2018

Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s powershell attacks...

System Administration

Grouper – Find Vulnerable Settings in AD Group Policy

February 7, 2018

Add Comment

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers (although probably also useful for sysadmins) which sifts through the...

Exploitation Tools

FakeImageExploiter – Use a Fake image.jpg (hide known file extensions) to exploit targets

February 1, 2018

Add Comment

This module takes one existing image.jpg and one payload.ps1 (input by user) and builds a new payload (agent.jpg.exe) that if executed it will trigger the...

System Administration

ACE – The Automated Collection and Enrichment Platform

January 13, 2018

Add Comment

The Automated Collection and Enrichment (ACE) platform is a suite of tools for threat hunters to collect data from many endpoints in a network and...

Vulnerability Analysis

In-Spectre-Meltdown – Tool to identify Meltdown & Spectre Vulnerabilities in processors

January 9, 2018

Add Comment

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown)...

Forensics Tools

weffles – Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI.

December 27, 2017

Add Comment

WEFFLES is designed to be small and lightweight, both for speed of getting something deployed during an Incident Response and also for the sake of being...

System Administration

PowerUpSQL – A PowerShell Toolkit for Attacking SQL Server

December 24, 2017

Add Comment

The PowerUpSQL module includes functions that support SQL Server discovery, auditing for common weak configurations, and privilege escalation on scale. It is...

Exploitation Tools

Invoke-PSImage – Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

December 24, 2017

Add Comment

Invoke-PSImage takes a PowerShell script and embeds the bytes of the script into the pixels of a PNG image. It generates a oneliner for executing either from a...

Exploitation Tools

Macro Creator – MS-Word Payload Delivery

December 22, 2017

Add Comment

Invoke-MacroCreator is a powershell Cmdlet that allows for the creation of an MS-Word document embedding a VBA macro with various payload delivery and...

System Administration

Invoke-Phant0m – Windows Event Log Killer

December 18, 2017

Add Comment

This script walks thread stacks of Event Log Service process (spesific svchost.exe) and identify Event Log Threads to kill Event Log Service Threads. So the...

Tag - PowerShell

Unicorn – PowerShell Downgrade Attack

FakeImageExploiter – Use a Fake image.jpg (hide known file extensions) to exploit targets

ACE – The Automated Collection and Enrichment Platform

In-Spectre-Meltdown – Tool to identify Meltdown & Spectre Vulnerabilities in processors

weffles – Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI.

PowerUpSQL – A PowerShell Toolkit for Attacking SQL Server

Invoke-PSImage – Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

Macro Creator – MS-Word Payload Delivery

Invoke-Phant0m – Windows Event Log Killer

Topics