Empire 4.0 is a post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects....
luckystrike a PowerShell based generator of malicious .xls documents (soon to be .doc). All your payloads are saved into a database for easy retrieval & embedding into a new or existing document. Luckystrike provides...
Inveigh Inveigh is a cross-platform .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers. This repo contains the primary C# version as well as the legacy PowerShell version. Overview Inveigh conducts spoofing attacks and hash/credential captures...
PoshC2 PoshC2 is a proxy aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users...
PSSysmonTools Sysmon Tools for PowerShell Download git clone https://github.com/mattifestation/PSSysmonTools.git Implemented functions Get-SysmonConfiguration Parses a Sysmon driver configuration from the registry. The output is nearly identical to that of “sysmon.exe -c” but without the requirement to...
p0wnedShell is an offensive PowerShell host application written in C# that does not rely on powershell.exe but runs powershell commands and functions within a powershell runspace environment (.NET). It has a lot of offensive...
MimiDbg is a PowerShell oneliner that leverages the Microsoft tools “DbgShell”. DbgShell is a PowerShell front-end for the Windows debugger engine. You can find DbgShell here MimiDbg uses PowerMemory concept to retrieve Wdigest passwords from the memory....
Invoke-WCMDump PowerShell script to dump Windows credentials from the Credential Manager. Credential dumping is the process of obtaining account login and password information from the operating system and software. Credentials can be used to...
Invoke-HostRecon Invoke-HostRecon runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase of an engagement. It gathers information about the local system, users,...
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server The PowerUpSQL module includes functions that support SQL Server discovery, auditing for common weak configurations, and privilege escalation on the scale. It is intended to be...
