Skip to content

Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters

Repository files navigation


An List of Powershell Scripts, commands and technics for Pentesting Windows Machines
Scripts managed by @Smukx



Pwn windows machines without any Restrictions ⚠️



What is this ?

This Repository is an Collection of Powershell Scripts, Hacks ,Tutorials etc .. These are my complete resoruce that i coded to use it to automate hacks , works etc ..

Usages ?

Enumerate your Powershell hacks , scripts usage (Adv) , to the next level . This Repository contains all kinds of Hacks and Powershell Tricks, from basics to advance powershell commnads and scripts that will help you in day to day life of an IT Sectors , cybersecurity or Windows Automation

Down is an list of series which you can concern for your needs !

Contents

Powershell Script Tier List + MODULES + Links
Powershell Scripts & Commands PS-010 (Ping-Play) Look Here
PS-020 (Attacks) Look Here
ps-030 (KEY-STOKES) Look Here
PS-040 (Win-Defender) Look Here
ps-050 (Silent-Installer) Look Here
PS-060 (Basics of Mimikaz) Look Here
PS-070-N (Adv Network Enumeration) Look Here
PS-070-M (Adv System Enumeration) Look Here
Complicated Part SYSTEM32 Look Here
REVERSE-SHELL Look Here
SCRIPT-FILES.ps1 Look Here
UNDETECTABE-KEYLOGGER Look Here
Exfiltrating data using Powershell & WAV Look Here



Topic Description Link
Basic of Windows Systems [Works, Methods etc] Just an Bunch of Theories. If you are a Scirpt Kiddie (New to Hack) then this may help you understand things Windows Basics
WINDOWS-BASICS Click Here
WINDOWS-PENTEST-METHODS Click Here
COMMON-PORTS-AND-SERVICE Click Here
BASIC-COMMANDS Click Here
POWERSHELL VS CMD Click Here
JSON-IN-POWERSHELL Click Here
XML-IN-POWERSHELL Click Here
Powershell Blogs AUTOMATED POWERSHELL ATTACKS Blog
HOW KEYLOGGERS WORK ( BASICS ) InDept Blog
POWERSHELL TURLA SERIES Blog
USING PS1 ON KALI LINUX FOR PENTESTING Blog
Tracking Powershell based malware attacks Blog
Multi-stage Powershell script Blog
APT33 PowerShell Malware Blog
Lemon Duck Powershell Malware Blog
Hoaxcalls DDoS Botnet Blog
AgentTesla Delivered via a Malicious PowerPoint Add-In Blog
Machine learning from idea to reality: a PowerShell case study Blog
Multi-stage PowerShell script BLog
Inspecting a PowerShell Cobalt Strike Beacon Blog
Powershell Reflective Loader to inject dll Blog
Windows Triaging with Powershell Blog
Powershell used to drop an REvil Ransomware Blog
PowerShell based attack targets Kazakhstan Blog
Exploring Powershell AMSI and logging Evasion Blog
Charming Kitten Updates POWERSTAR with an InterPlanetary Twist Blog
Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets Blog
Powershell static Analysis and Emote Results Blog
PowerPoint Dropper and Cryptocurrency Stealer Blog
A border-hopping PlugX USB worm takes its act on the road Blog
Malicious Powershell Targeting UK Bank Customers Blog
PowerLess Trojan Blog
An Journey to Uncover New Fully Undetectable PowerShell Backdoor Blog
A case of Powershell, Excel 4 Macros and VB6 Blog
Emotet Technical Analysis - Part 1 Blog
Emotet Technical Analysis - Part 2 Blog
Reversing complete Powershell Malware Blog
HCrypt Injecting BitRAT using PowerShell, HTAs, and .NET Blog
PowerShell Dropper Delivering Formbook Blog
Reversing Complex PowerShell Malware Blog
Threat Operation Re-emerges with New LNK and PowerShell Blog
The rise of .NET and Powershell Malware Blog
MoDi RAT attack pastes PowerShell commands Blog
Simple DGA Spotted in a Malicious PowerShell Blog
New PowerShell Obfuscation in Emotet Maldocs Blog
From virus alert to PowerShell Encrypted Loader Blog
Anatomy of a PowerShell Attack Blog
Delivering Ransomware with Powershell Turla Series Blog
PRB-Backdoor-A Fully Loaded PowerShell Backdoor with Evil Intentions Blog
Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis Blog
Top 10 Prevalent MITRE ATT&CK Techniques Blog
Detecting both ‘offensive’ and obfuscated PowerShell scripts in Splunk using Windows Event Log Blog
Analyzing Modern Malware Technique Blog
Emotet_network_protocol Blog
Powershell Conference BlackHat-USA-2010-Kennedy-Kelly-PowerShell PPT Link
BlackHat-USA-2017-Robbins-Schroeder PPT Link
BlackHat-USA-2021-ProxyLogon is Just the Tip of the Iceberg PPT Link
BlackHat-EU-14-Hafif-Reflected-File-Download-A-New-Web-Attack PPT Link
BlackHat-USA-2014-Kazanciyan-Investigating-Powershell-Attacks-wp PPT Link
BlackHat-USA-2017-PowerShell-Obfuscation Detection Using Science PPT Link
Document
BlackHat-Asia-2016-DSCompromised:A Windows DSC Attack Framework PPT Link
BlackHat-USA-2017-INFECTING-THE-ENTERPRISE-ABUSING-OFFICE365+POWERSHELL-FOR-COVERT-C2 PPT Link
Splunk-USA-2016-hunting-the-known-unknowns-the-PowerShell-edition PPT Link
BlackHat-USA-2019-PowerShell-module-for-administering-Office-365/Azure-AD PPT Link
PowerShell for Penetration Testers PPT Link
HTTB-SECONF-Exploit-with-Shell-Reverse-Infection-PowerShell-using-VBS PPT Link
Powershell Papers CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE Link
Cheat Sheets for Powershell Cheat Sheet by SanS Cheat Sheet
Cheat Sheet by Microsoft Cheat Sheet
Reverse Shell Cheat Sheet Cheat Sheer
Powershell Books (Worth) Windows Security Internals with PowerShell (Aid. 2024) Redirect
The Complete Ultimate Windows Powershell Beginners Guide (Aid. 2017) Redirect
PowerShell Automation and Scripting for Cybersecurity (Aid. 2023) Redirect
Top Powershell Tools Powershell Empire Repo Link
WinPwn Repo Link
PersistenceSniper Code Link
PowerLessShell Repo Link
Free Powershell Books Around the Internet Learning Powershell from Stack Overflow Contributors PDF Link
Mastering Windows Powershell Scripting PDF Link
Learn Windows PowerShell In A Month Of Lunches PDF Link
EA - Windows Security Internals with PowerShell PDF Link
Increased use of Powershell Attacks PDF Link
Hands-On Penetration Testing on Windows PDF Link
ScriptRunner PowerShell Security Ebook 2020 PDF Link

RWH-Series

Real-world Series is a blog, where I will write the techniques and methods that Real World Hackers use to harm, breach, and crash data on Govt, Military, citizens, companies, etc ..

Now All the RWH has been linked at the blog category.


ATTENCTION HERE :
This repository consists of several parts PS-010 contains basic commands that are both fun and effective for attacking.

Please Note that Windows's security will change daily and they will try to Improve the Security. So some scripts may or may not work. If Some new scripts don't work! without hesitation notify me at Twitter

Reach out to my Windows Security Blog where I Explained pentesting methods and how you can use this repository to achieve certain Tasks ;) . [Still Writing] Link : Windows Pentest Series

:> Note ⚠️

If you find any wrong code / copyrighted content, please kindly inform me via Email: [email protected]. I will verify and fix the issue, else I will remove the content and create a new one. Thank you !!

:: Cloning This Repo on git will remove some Powershell scripts.

Improvements and Tips

How to use my Repositary as Book

Improving at writing blogs on my website, but at present, I'm on a learning curve so I can't write all the blogs about it :(