🐚 PSAsyncShell: Asynchronous Firewall Bypass
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.
Unlike other reverse shells, all the communication and execution flow is done asynchronously, allowing to bypass some firewalls and some countermeasures against this kind of remote connections.
🔗 Research:
https://darkbyte.net/psasyncshell-bypasseando-firewalls-con-una-shell-tcp-asincrona/
🔗 Source:
https://github.com/JoelGMSec/PSAsyncShell
#ad #powershell #reverse #shell
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.
Unlike other reverse shells, all the communication and execution flow is done asynchronously, allowing to bypass some firewalls and some countermeasures against this kind of remote connections.
🔗 Research:
https://darkbyte.net/psasyncshell-bypasseando-firewalls-con-una-shell-tcp-asincrona/
🔗 Source:
https://github.com/JoelGMSec/PSAsyncShell
#ad #powershell #reverse #shell
🔥4
🎲 PowerShell Obfuscation
A simple and effective powershell obfuscaiton tool bypass Anti-Virus and AMSI-bypass + ETW-block.
https://github.com/H4de5-7/powershell-obfuscation
#powershell #obfuscation #amsi #etw #bypass
A simple and effective powershell obfuscaiton tool bypass Anti-Virus and AMSI-bypass + ETW-block.
https://github.com/H4de5-7/powershell-obfuscation
#powershell #obfuscation #amsi #etw #bypass
❤7👍4👎2
🕸️ PowerShell Obfuscation Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion.
https://github.com/t3l3machus/PowerShell-Obfuscation-Bible
#powershell #obfuscation #redteam
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion.
https://github.com/t3l3machus/PowerShell-Obfuscation-Bible
#powershell #obfuscation #redteam
GitHub
GitHub - t3l3machus/PowerShell-Obfuscation-Bible: A collection of techniques, examples and a little bit of theory for manually…
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository...
🔥9👎2❤1👍1
⛓ Divide and Rule — AMSI Bypass
By spliiting well known PowerShell scripts, e.g. an AMSI Bypass, we can directly bypass Windows Defender or get at least the line, where the detection occurs. Outcome: Several AMSI Bypasses and two scripts:
- One to split PowerShell snippets in multiple lines
- A second script to run all the files in an Oneliner, XOR obfuscated
https://badoption.eu/blog/2023/07/15/divideconqer.html
#amsi #av #bypass #powershell
By spliiting well known PowerShell scripts, e.g. an AMSI Bypass, we can directly bypass Windows Defender or get at least the line, where the detection occurs. Outcome: Several AMSI Bypasses and two scripts:
- One to split PowerShell snippets in multiple lines
- A second script to run all the files in an Oneliner, XOR obfuscated
https://badoption.eu/blog/2023/07/15/divideconqer.html
#amsi #av #bypass #powershell
❤7👍1
⚡PsMapExec
A PowerShell tool that takes strong inspiration from CrackMapExec.
🚀 Supported Methods
— PsExec
— RDP
— SMB Signing
— WinRM
— WMI
🔗 More Detailed
🔗 Github Repository
#ad #windows #powershell #cme
A PowerShell tool that takes strong inspiration from CrackMapExec.
🚀 Supported Methods
— PsExec
— RDP
— SMB Signing
— WinRM
— WMI
🔗 More Detailed
🔗 Github Repository
#ad #windows #powershell #cme
🔥18👍4❤2