PowerShell is extremely useful for admins. This power is also extremely useful for attackers.
There are several PowerShell tools specifically for increasing access on a network:
PowerSploit
PowerSploit – a PowerShell-based pentest tool set developed by Mattifestation.
PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid reverse engineers, forensic analysts, and penetration testers during all phases of an assessment.
PowerSploit is comprised of the following major components:
CodeExecution
ScriptModification
Persistence
PETools
Capstone
ReverseEngineering
AntivirusBypass
Recon
Exfiltration
The last one listed, Exfiltration, includes the following useful PowerShell pentest scripts:
Invoke-TokenManipulation
Invoke-CredentialInjection
Invoke-Mimikatz
Get-GPPPassword
Get-VaultCredential