BrowserGather – Fileless web browser information extraction

browser

BrowserGather Fileless Extraction of Sensitive Browser Information with PowerShell This project will include various cmdlets for extracting credential, history, and cookie/session data from the top 3 most popular web browsers (Chrome, Firefox, and IE). The goal is to perform this extraction entirely in-memory, without touching the disk of the victim. Currently Chrome credential and cookie … Read more

mimikittenz – Powershell Tool for Extracting Juicy info from Memory RAM

mimikittenz

A post-exploitation powershell tool for extracting juicy info from memory. mimikittenz mimikittenz is a post-exploitation powershell tool that utilizes the Windows function ReadProcessMemory() in order to extract plain-text passwords from various target processes. mimikittenz can also easily extract other kinds of juicy info from target processes using regex patterns including but not limited to: TRACK2 … Read more

Generate-Macro – Powershell Script To Generate a Malicious Microsoft Office document with a Specified Payload and Persistence Method

microsoft-hacked

Credits Matt Nelson (enigma0x3) – Coded by Matt Nelson (@enigma0x3) DOWNLOAD GENERATE-MACRO [sociallocker id=968]https://github.com/enigma0x3/Generate-Macro[/sociallocker] This Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method. SYNOPSIS Generate-Macro is a standalone PowerShell script that will generate a malicious Microsoft Office document with a specified payload and persistence method. [!] This … Read more

Unicorn – PowerShell Downgrade Attack Evade Anti-Virus

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. https://www.trustedsec.com Welcome back today we will talk about Powershell downgrade attacks using uniscan and inject shellcode … Read more