Category: AV Evasion

AV Evasion, Tools

New Powershell Mass Encrypt and Decrypt modules

PowerSploit’s Out-Encrypted.ps1 handles / encrypts one script at a time; encrypted file needs to be decrypted manually and then executed.

Wrote up new Powershell Mass Encrypt and Decrypt modules to handle your favorite set of powershell scripts easily.

Using PS-MassEncScript.ps1, encrypt multiple scripts with a password and a salt value, in one go. Use PS-DecScript.ps1 to decrypt & execute any of these encrypted files.

AV Evasion, Tools

Powersploit – AV Evasion

[Quick Notes] Powersploit – AV Evasion

On my pentest engagements, I primarily use Powershell (PS) & PS based exploitation tools & frameworks like CME, Empire, Powersploit, Nishang, Veil, etc, along with Metasploit & other tools.

This short writeup is one of the AV evasion scenarios. Posting here for reference.