psattack's Introduction

PS>Attack is currently available as a beta. You can also download the beta for PS>Punch (the portable environment that PS>Attack customizes) here.

These projects are under heavy, active development and should gain features quickly. I'm planning to have "1.0" ready to go early 2016. I'm writing an ongoing series of articles about where this project is at here.

If you have any questions or suggestions for PS>Attack and PS>Punch, feel free to reach out on Twitter or via email: jaredhaight at prontonmail.com

PS>Attack

A platform for generating a portable PowerShell attack environment (from PS>Punch). The generated environment is a self-contained exe and comes with a lot of the latest and greatest offensive PowerShell tools.

What does it do?

PS>Attack downloads PS>Punch, downloads updated versions of the modules that it uses (PowerSploit, PowerTools, etc.), encrypts them with a unique key and then packages everything up into a self-contained exe.

What is PS>Punch?

PS>Punch is used by PS>Attack to generate the portable attack environment. PS>Punch combines some of the best projects in the offensive PowerShell community into a self-contained executable. It uses a couple of techniques to evade antivirus and incident response teams.

  1. It doesn't rely on powershell.exe. Instead it calls PowerShell directly through the .NET Framework.
  2. The modules that are bundled with the exe are encrypted. When PS>Punch starts, they are decrypted into memory. The unencrypted payloads never touch disk, making it difficult for most antivirus engines to detect them.
  3. When generated by PS>Attack, the payloads are encrypted with a unique key. This means that the generated executable's signature changes each time it's created.
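From the defender's side, points 1 and 3 mean that neither a powershell.exe process name nor a file hash is a dependable indicator, but the PowerShell engine assembly still has to be loaded by whatever process hosts it. The following is an added example, not part of PS>Attack or PS>Punch, that flags image-load events where that assembly is loaded by a process outside a baseline. It assumes Sysmon image-load logging (Event ID 7) is enabled and that events have been parsed into dictionaries; the baseline list and the sample events are constructed for illustration.

```python
import ntpath

# Assumed baseline of legitimate PowerShell hosts, matched by full path so a
# renamed copy elsewhere on disk does not pass. Tune this per environment.
EXPECTED_HOSTS = {
    r"c:\windows\system32\windowspowershell\v1.0\powershell.exe",
    r"c:\windows\syswow64\windowspowershell\v1.0\powershell.exe",
    r"c:\windows\system32\windowspowershell\v1.0\powershell_ise.exe",
    r"c:\windows\system32\wsmprovhost.exe",
}
# The PowerShell engine assembly and its native-image (NGEN) variant.
ENGINE_DLLS = {"system.management.automation.dll",
               "system.management.automation.ni.dll"}
GAC = (r"C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Automation"
       r"\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.dll")


def unexpected_powershell_hosts(events):
    """Return the Image path of each process that loaded the PowerShell
    engine without being in the expected-host baseline."""
    hits = []
    for ev in events:
        if ev.get("EventID") != 7:  # 7 = Sysmon image-load event
            continue
        dll = ntpath.basename(ev.get("ImageLoaded", "")).lower()
        image = ev.get("Image", "")
        if dll in ENGINE_DLLS and image.lower() not in EXPECTED_HOSTS:
            hits.append(image)
    return hits


# Constructed sample events (not captured from a real host).
SAMPLE_EVENTS = [
    {"EventID": 7, "ImageLoaded": GAC,
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"EventID": 7, "ImageLoaded": GAC,
     "Image": r"C:\Users\example\Downloads\sample_host.exe"},
    {"EventID": 7, "ImageLoaded": GAC,
     "Image": r"C:\Users\example\AppData\Local\Temp\powershell.exe"},
    {"EventID": 7, "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Image": r"C:\Users\example\Downloads\sample_host.exe"},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe"},
]

if __name__ == "__main__":
    for image in unexpected_powershell_hosts(SAMPLE_EVENTS):
        print("PowerShell engine loaded by unexpected host:", image)
```

Legitimate management software also hosts the engine, so expect to extend the baseline before alerting on this in production.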

Offensively, PS>Punch contains commands for Privilege Escalation, Recon and Data Exfiltration. It does this by including the following modules and commands:

  • Powersploit
    • Invoke-Mimikatz
    • Invoke-GPPPassword
    • Invoke-NinjaCopy
    • Invoke-Shellcode
    • Invoke-WMICommand
    • VolumeShadowCopyTools
  • PowerTools
    • PowerUp
    • PowerView
  • Nishang
    • Gupt-Backdoor
    • Do-Exfiltration
    • DNS-TXT-Pwnage
    • Get-Information
    • Get-WLAN-Keys
    • Invoke-PsUACme
  • Powercat
  • Inveigh

It also comes bundled with get-attack, a command that allows you to search through the included commands and find the attack that you're looking for.

Get-Attack

Greetz

PS>Attack was inspired by and benefits from a lot of incredible people in the PowerShell community, particularly mattifestation of PowerSploit and sixdub, enigma0x3 and harmj0y of Empire. Besides writing the modules and commands that give PS>Punch its... punch, their various projects have inspired a lot of my approach to PS>Attack and PS>Punch, as well as my decision to try and contribute something back to the community.

A huge thank you to Ben0xA, whose PoshSecFramework was used to figure out a lot of things about how to build a PowerShell console.