AV Evasion

19 Oct 2016

New Powershell Mass Encrypt and Decrypt modules

PowerSploit's Out-Encrypted.ps1 handles / encrypts one script at a time; encrypted file needs to be decrypted manually and then executed. Wrote up new Powershell Mass Encrypt and Decrypt modules to handle your favorite set of powershell scripts easily. Using PS-MassEncScript.ps1, encrypt multiple scripts with a password and a salt value, in one go. Use PS-DecScript.ps1 to decrypt & execute any of these encrypted files.

Read more

10 Sep 2016

Powersploit – AV Evasion

[Quick Notes] Powersploit - AV Evasion On my pentest engagements, I primarily use Powershell (PS) & PS based exploitation tools & frameworks like CME, Empire, Powersploit, Nishang, Veil, etc, along with Metasploit & other tools. This short writeup is one of the AV evasion scenarios. Posting here for reference.

Read more