A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from...
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar...
An advanced persistent threat group with links to Iran has updated its malware toolset to include a novel PowerShell-based implant called PowerLess...
An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a...
The Lyceum threat group (aka Hexane) again initiated an attack, but this time they have a weird variant of a remote-access trojan...
Recently, cybersecurity experts have claimed that the operators of Ryuk Ransomware are targeting severe infrastructures to extort high ransom from their victims....
Windows Firewall Ruleset: Windows firewall rules organized into individual PowerShell scripts according to rule group, traffic direction, IP version (IPv4 / IPv6)...
ThreatHunt is a simple PowerShell repository that allows you to train your threat hunting skills. ThreatHunt allows you to simulate a variety...
Malicious Macro MSBuild Generator: generates a malicious macro and executes PowerShell or shellcode via MSBuild application whitelisting bypass. This tool is intended for adversary...
PowerShell script to perform a quick AD audit...
Powershell-RAT is a Python and Powershell script tool that has been made to help a pen tester during red team engagements to backdoor...
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking...
Many tools are written in PowerShell, especially for red team activities, as the majority of modern Windows systems have PowerShell and usually...
ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only
Various PowerShell scripts that may be useful during a red team exercise. The repo includes the following scripts: Red Team Powershell Scripts...
Hackers use malicious MSI files that download and execute malicious files that could bypass traditional security solutions. The dropped malware is capable...
DCOMrade is a PowerShell script that is able to enumerate the possibly vulnerable DCOM applications that might allow for lateral movement,...
ThunderShell is a C# RAT that communicates via HTTP requests. All the network traffic is encrypted using a second layer of RC4...
Researchers observed a new PowerShell-based backdoor, spread via a Microsoft Office document, that infects in a way similar to the MuddyWater threat actor's hacking tools to steal...
Microsoft-signed DLL for the ActiveDirectory PowerShell module: just a backup of Microsoft's ActiveDirectory PowerShell module from Server 2016 with RSAT...