powershell – Cyber Sec Labs

Injector – Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows

Black Hat Sec, July 14, 2021, NEW TOOLS, Kali, DLL Injection, AES Decryption, Decryption, Useless, bypassing, injection, powershell, windows, injector, 0

Complete Arsenal of Memory injection and other techniques for red-teaming in WindowsWhat does Injector do? Process injection support for shellcode located at remote server as well as local storage. Just specify the shellcode file and it will do th...

SharpHook – Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials

Black Hat Sec, June 26, 2021, NEW TOOLS, RDP, SSH, UAC, Api Hooks, MobaXterm, SharpHook, credentials, powershell, remote, crashes, 0

SharpHook is inspired by the SharpRDPThief project, It uses various API hooks in order to give us the desired credentials. In the background it uses the EasyHook project, Once the desired process is up and running SharpHook will automatically inject...

Gundog – Guided Hunting In Microsoft 365 Defender

Black Hat Sec, June 16, 2021, NEW TOOLS, Gundog, microsoft, powershell, threat, connections, defender, 0

Gundog provides you with guided hunting in Microsoft 365 Defender. Especially (if not only) for Email and Endpoint Alerts at the moment.Functionality You provide an AlertID (you might received via Email notification) and gundog will then hunt for a...

TChopper – Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine

Black Hat Sec, June 15, 2021, NEW TOOLS, Redteam, Lateral Movement, Redteam Tools, TChopper, powershell, windows, 0

New technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services display name and WMI by smuggling the malicious binary as base64 chunks and automate the process using the TChopper tool.Ho...

Redpill – Assist Reverse Tcp Shells In Post-Exploration Tasks

Black Hat Sec, June 14, 2021, NEW TOOLS, Webserver, Shells, Post Exploitation, Reverse Shells, Windows Defender, Reverse TCP, C2 Options, Redpill, Reverse TCP Shells, powershell, venom, webcams, cmdlet, 0

Project Description The redpill project aims to assist reverse tcp shells in post-exploration tasks. Often in redteam engagements we need to use unconventional ways to access target system, such as reverse tcp shells (not metasploit) in order to byp...

CheeseTools – Self-developed Tools For Lateral Movement/Code Execution

Black Hat Sec, May 30, 2021, NEW TOOLS, SMB, Redteaming, AES Encryption, RdpThief, Lateral Movement, AMSI, CheeseTools, Powershell Remoting, powershell, stealer, 0

This repository has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and for giving me the right motivation to work on them.CheeseExec Command Exec / Lateral movement via PsExec-like functionali...

DNS-Black-Cat(DBC) – Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol

Black Hat Sec, May 26, 2021, NEW TOOLS, 0xsp-Mongoose, DNS-Black-Cat, DNS-Black-Cat(DBC), linux, powershell, python, server, shell, system, toolkit, 0

Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel.Server ported as a python script, which acts as DNS server with required...

AMSITrigger – The Hunt For Malicious Strings

Black Hat Sec, May 23, 2021, NEW TOOLS, AMSI, AMSITrigger, powershell, 0

Hunting for Malicious Strings Usage: AMSI calls (xmas tree mode) -d, --debug Show Debug Info -m, --maxsiglength=VALUE Maximum signature Length to cater for, ...

DFIR-O365RC – PowerShell Module For Office 365 And Azure AD Log Collection

Black Hat Sec, May 16, 2021, NEW TOOLS, Real Time, Office365, Azure Active Directory, Dfir, DFIR-O365RC, Exchangeonline, forensics, microsoft, powershell, 0

PowerShell module for Office 365 and Azure AD log collectionModule description The DFIR-O365RC PowerShell module is a set of functions that allow the DFIR analyst to collect logs relevant for Office 365 Business Email Compromise investigations. The...

CIMplant – C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems

Black Hat Sec, May 15, 2021, NEW TOOLS, Redteam, Csharp, CIMplant, management, powershell, windows, 0

C# port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with ** in the --show-commands command...

Injector – Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows

SharpHook – Tool Tath Uses Various API Hooks In Order To Give Us The Desired Credentials

Gundog – Guided Hunting In Microsoft 365 Defender

TChopper – Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine

Redpill – Assist Reverse Tcp Shells In Post-Exploration Tasks

CheeseTools – Self-developed Tools For Lateral Movement/Code Execution

DNS-Black-Cat(DBC) – Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol

AMSITrigger – The Hunt For Malicious Strings

DFIR-O365RC – PowerShell Module For Office 365 And Azure AD Log Collection

CIMplant – C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems

LikeBox

Get Membership

Archives

CONTACT US

Tag Archive for: powershell

LikeBox

Get Membership

Archives

CONTACT US

Log in with your credentials

Forgot your details?

Create Account