Invoke-PSObfuscation : An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You’Re On Windows Or Kali Linux

Invoke-PSObfuscation is an in-depth approach to obfuscating the individual components of a PowerShell payload whether you’re on Windows or Kali Linux. Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue to have a varied degree of success, but they have become trivial to extract […]

April 11, 2023
Read More >>

Powershell-Backdoor-Generator : To Create A Flipper Zero/ Hak5 USB Rubber Ducky Payload

Powershell-Backdoor-Generator is a reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every build. With the capabilties to create a Flipper Zero/ Hak5 USB Rubber ducky payload. Features Standard backdoor C:\Users\DrewQ\Desktop\powershell-backdoor-main> python .\listen.py –verbose [*] Encoding backdoor script [*] Saved backdoor backdoor.ps1 sha1:32b9ca5c3cd088323da7aed161a788709d171b71 [*] Starting Backdoor […]

March 5, 2023
Read More >>

FarsightAD : PowerShell Script That Aim To Help Uncovering (Eventual) Persistence Mechanisms

FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise. The script produces CSV / JSON file exports of various objects and their attributes, enriched with timestamps from replication metadata. Additionally, if executed with replication privileges, the Directory Replication Service (DRS) […]

January 10, 2023
Read More >>

Toolsmith Release Advisory: Magic Unicorn v2.8

David Kennedy and the TrustedSec crew have released Magic Unicorn v2.8.
Magic Unicorn is “a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory, based on Matthew Graeber’s PowerShell attacks and the Powe…

August 28, 2017
Read More >>

Toolsmith – GSE Edition: snapshot.ps1

I just spent a fair bit of time preparing to take the GIAC Security Expert exam as part of the requirement to recertify every four years. I first took the exam in 2012, and I will tell you, for me, one third of the curriculum is a “use it or lose it” s…

November 1, 2016
Read More >>