# PowerShell for PenTest by Joas

## Introduction

### https://docs.microsoft.com/en-us/powershell/scripting/developer/prog-guide/windows-powershell-concepts?view=powershell-7.1

### https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7.1

### https://www.techrepublic.com/blog/10-things/10-fundamental-concepts-for-powershell-scripting/

### https://en.wikipedia.org/wiki/PowerShell

### https://www.networkworld.com/article/2268752/chapter-2--basic-powershell-concepts.html

### https://www.guru99.com/powershell-tutorial.html

### https://thecrazyconsultant.com/powershell-study-guide-core-concepts/

### https://www.pcmag.com/encyclopedia/term/powershell

### https://www.techopedia.com/definition/25975/powershell

### https://www.youtube.com/watch?v=u3zXMv69uNA&ab_channel=ResearchTrianglePowerShellUsersGroup

## Recon

### https://sid-500.com/2017/11/12/test-port-use-powershell-as-a-port-scanner/

### https://techcommunity.microsoft.com/t5/itops-talk-blog/powershell-basics-how-to-scan-open-ports-within-a-network/ba-p/924149

### http://5ubtools.blogspot.com/

### https://github.com/Z3R0TH-13/ENUM

### https://github.com/PyroTek3/PowerShell-AD-Recon

### https://stealthbits.com/blog/performing-domain-reconnaissance-using-powershell/

### https://medium.com/@smurf3r5/recon-domain-shares-872914697980

### https://www.hebunilhanli.com/wonderland/ad-pentest/recon-with-powershell/

### https://periciacomputacional.com/pentesting-with-powershell-in-six-steps/

### https://github.com/EliteLoser/PSnmap

### https://medium.com/@drag0n/some-useful-interesting-powershell-scripts-9b9490cee0cd

### https://adsecurity.org/?p=2535

### https://www.varonis.com/blog/powerview-for-penetration-testing/

### https://www.sans.org/blog/pen-test-poster-white-board-powershell-built-in-port-scanner/

### https://github.com/scipag/PowerShellUtilities

### https://www.adamcouch.co.uk/conducting-powershell-port-scan/

### https://www.infosecmatter.com/port-scanner-in-powershell-tcp-udp-ps1/

### https://github.com/xorrior/RemoteRecon

## Exploit

### https://github.com/PowerShellMafia/PowerSploit

### https://pentestlab.blog/tag/powersploit/

### https://www.cyberpunk.rs/powersploit-powershell-post-exploitation-framework

### https://www.darknet.org.uk/2015/12/powersploit-powershell-post-exploitation-framework/

### https://attack.mitre.org/software/S0194/

### https://adsecurity.org/?tag=powersploit

### https://medium.com/@benoit.sevens/powershell-av-evasion-4e4bb6a6a961

### https://www.youtube.com/watch?v=otpPnWbEaDA&ab_channel=ChiefRiver

### https://www.youtube.com/watch?v=LEll6qa-REY&ab_channel=Metasploitation

### https://www.youtube.com/watch?v=b-XjnmFZ7Ls&ab_channel=%5BMister_Bert0ni%5D

### https://www.youtube.com/watch?v=zbmOs_fNxng&ab_channel=SecurityNotes

### https://www.youtube.com/watch?v=52xkWbDMUUM&ab_channel=HackerSploit

### https://www.youtube.com/watch?v=0gHS3U9zMKI&ab_channel=GusKhawaja

### https://www.powershellempire.com/

### https://ratiros01.medium.com/tryhackme-ps-empire-bd96fbf822cc

### https://stealthbits.com/blog/next-gen-open-source-c2-frameworks/

## Post Exploitation

### https://www.hackingarticles.in/hacking-with-empire-powershell-post-exploitation-agent/

### https://null-byte.wonderhowto.com/how-to/use-powershell-empire-getting-started-with-post-exploitation-windows-hosts-0178664/
### https://www.cyberpunk.rs/empire-powershell-post-exploitation-framework

### https://github.com/jaredhaight/Invoke-MetasploitPayload

### https://medium.com/SWLH/FUN-WITH-POWERSHELL-PAYLOAD-EXECUTION-AND-EVASION-F5051FD149B2

### https://github.com/trustedsec/unicorn

### https://github.com/loadenmb/tvasion

### https://threat.tevora.com/dissecting-veil-evasion-powershell-payloads-and-converting-to-a-bind-shell/

### https://hakin9.org/xencrypt-a-powershell-script-anti-virus-evasion-tool/

### https://arno0x0x.wordpress.com/2016/04/13/meterpreter-av-ids-evasion-powershell/

### https://hack-ed.net/2016/04/04/veil-evasion-payloads-made-easy/

### https://kaizensecurity.wordpress.com/2016/08/19/metasploit-av-evasion-with-powershell/

### https://www.blackhat.com/docs/eu-17/materials/eu-17-Thompson-Red-Team-Techniques-For-Evading-Bypassing-And-Disabling-MS-Advanced-Threat-Protection-And-Advanced-Threat-Analytics.pdf

### https://www.blackhat.com/docs/us-14/materials/us-14-Kazanciyan-Investigating-Powershell-Attacks-WP.pdf

### https://resources.infosecinstitute.com/topic/powershell-for-pentesters-part-5-remoting-with-powershell/

### https://pentestn00b.wordpress.com/2016/08/22/powershell-psremoting-pwnage/

### https://kalilinuxtutorials.com/evil-winrm-hacking-pentesting/

### https://www.rapid7.com/DB/MODULES/EXPLOIT/WINDOWS/LOCAL/POWERSHELL_REMOTING/

### https://www.youtube.com/watch?v=tVgJ-9FJKxE&ab_channel=Hak5

### https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md

### https://www.youtube.com/watch?v=KKfrjTlm5LI&ab_channel=InfoSecAddicts

### https://hackersinterview.com/OSCP/REVERSE-SHELL-ONE-LINERS-OSCP-CHEATSHEET/

### https://www.offensive-security.com/offsec/kali-linux-powershell-pentesting/

### https://securityonline.info/reverse-powershell/

### https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/get-injectedthread

### https://medium.com/@threatpointer/pentesting-powershell-remoting-fa605ef325d4

### https://medium.com/@subhammisra45/lateral-movement-powershell-remoting-89da402a9885

### https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f

### https://pt.slideshare.net/kieranjacobsen/lateral-movement-with-power-shell-2

### https://www.ired.team/offensive-security/lateral-movement/wmi-+-powershell-desired-state-configuration-lateral-movement

### https://gennaromigliaccio.com/LATERAL-MOVEMENT-TACTICS-AND-TECHNIQUES

### https://www.snaplabs.io/insights/lateral-movement-methods-and-good-practices

### https://gist.github.com/jaredcatkinson/c95fd1e4e76a4b9b966861f64782f5a9

### https://attack.mitre.org/software/S0029/

### https://www.offensive-security.com/metasploit-unleashed/psexec-pass-hash/

### https://www.contextis.com/us/blog/lateral-movement-a-deep-look-into-psexec

### https://www.mindpointgroup.com/blog/lateral-movement-with-psexec

### https://redcanary.com/blog/threat-hunting-psexec-lateral-movement/

### https://medium.com/@upadhyay.varun/pass-the-hash-attack-b0f214b2884a

### https://periciacomputacional.com/windows-account-hijacking-psexec-e-suas-possibilidades/

### https://pentestlab.blog/tag/psexec/

### https://www.poftut.com/use-psexec-tools-run-commands-get-shell-remote-windows-systems/

### https://www.ired.team/offensive-security/lateral-movement/lateral-movement-with-psexec

### https://www.varonis.com/blog/how-to-use-powershell-for-privilege-escalation-with-local-computer-accounts/

### https://github.com/frizb/Windows-Privilege-Escalation

### https://www.youtube.com/watch?v=-sBXN-cGUD0&ab_channel=PentesterAcademyTV

### https://hakin9.org/privesccheck-privilege-escalation-enumeration-script-for-windows/

### https://githacktools.blogspot.com/2019/04/winroothelper-windows-privilege-escalation-powershell-script.html

### https://www.hackingarticles.in/window-privilege-escalation-automated-script/

### https://www.youtube.com/watch?v=bAnohAiAQ7U&ab_channel=SANSOffensiveOperations

### https://www.youtube.com/watch?v=v0zYorQ0eEY&ab_channel=PowerShellEmpireTutorials

### https://www.youtube.com/watch?v=dzJfiIw3kZE&ab_channel=Moss%C3%A9CyberSecurityInstitute

### https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/PrivescPostEx.md

### https://pentestlab.blog/2017/08/19/COMMAND-AND-CONTROL-POWERSHELL/

### https://enigma0x3.net/2014/01/17/command-and-control-using-powershell-and-your-favorite-website/

### https://www.snaplabs.io/insights/command-and-control-with-powershell-empire-pt1

### https://www.youtube.com/watch?v=OH-lcn5K9k8&ab_channel=Cover6Solutions

### https://truneski.github.io/blog/2017/03/03/dropbox-command-and-control-over-powershell-with-invoke-dbc2/

### https://www.cover6solutions.com/webinar-intro-to-c2-with-powershell-empire/

### https://pentestlab.blog/2019/11/05/persistence-powershell-profile/

### https://pentestlab.blog/2019/11/04/PERSISTENCE-SCHEDULED-TASKS/

### https://github.com/emilyanncr/Windows-Post-Exploitation

### https://adsecurity.org/?p=429

### https://www.ired.team/offensive-security/exfiltration

### https://www.hackingarticles.in/DATA-EXFILTRATION-USING-POWERSHELL-EMPIRE/

### https://www.sans.org/webcasts/pen-testing-powershell-data-exfiltration-techniques-108740/

### https://blog.stackattack.net/2019/03/14/quick-hit-base64-powershell-exfiltration/

### https://www.sevenlayers.com/index.php/305-powershell-data-exfil

## My Social Networks

### https://www.linkedin.com/in/joas-antonio-dos-santos

### https://twitter.com/C0d3Cr4zy
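## Appendix: built-in TCP port scanner (added example)

The Recon section above links several write-ups on using PowerShell itself as a port scanner (sid-500, the SANS pen-test poster, adamcouch, infosecmatter). The function below is an added example written for this page; it is not code from the original list or from any of the linked projects. The target address, port list and timeout are placeholders chosen for illustration. It uses `System.Net.Sockets.TcpClient` with `BeginConnect` so that every port gets a hard timeout, instead of the blocking `Connect()` that stalls for the OS default (tens of seconds) on filtered ports.

```powershell
# Added example, not part of the original link list.
# Minimal TCP connect scanner in pure PowerShell (5.1 and 7.x).
# Only scan hosts you are authorised to test.
function Invoke-TcpPortScan {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$ComputerName,

        # Placeholder default: common Windows / AD service ports.
        [int[]]$Ports = @(21,22,23,25,53,80,88,135,139,389,443,445,464,593,636,3268,3389,5985,5986),

        # Per-port connect timeout in milliseconds (assumption: 500 ms is enough on a LAN).
        [int]$TimeoutMs = 500
    )

    foreach ($port in $Ports) {
        $client = New-Object System.Net.Sockets.TcpClient
        $state  = 'Closed/Filtered'
        try {
            # BeginConnect + WaitOne gives a real timeout; a plain Connect()
            # on a filtered port blocks until the OS gives up (~20 s per port).
            $async     = $client.BeginConnect($ComputerName, $port, $null, $null)
            $signalled = $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)

            # WaitOne returns $true for both "connected" and "refused", so check
            # Connected before calling EndConnect (which throws on refusal).
            if ($signalled -and $client.Connected) {
                $client.EndConnect($async)
                $state = 'Open'
            }
        }
        catch {
            # Connection refused, unreachable host, DNS failure: report as closed.
            $state = 'Closed/Filtered'
        }
        finally {
            $client.Close()
        }

        [pscustomobject]@{
            ComputerName = $ComputerName
            Port         = $port
            State        = $state
        }
    }
}

# Usage (placeholder target address):
# Invoke-TcpPortScan -ComputerName 192.168.56.10 -Ports 445,3389,5985 |
#     Where-Object State -eq 'Open'
#
# Sweep a /24 for a single port (placeholder network):
# 1..254 | ForEach-Object { Invoke-TcpPortScan -ComputerName "192.168.56.$_" -Ports 445 -TimeoutMs 200 } |
#     Where-Object State -eq 'Open'
```

Two practical notes. `Test-NetConnection -ComputerName <host> -Port <n>` (Windows 8 / Server 2012 and later) does the same connect test without custom code, but it sends an ICMP echo first and uses the OS connect timeout, so it is far slower for sweeps. On the defensive side, this scanner is as visible as any other: one source host opening many short-lived connections across a port range stands out in firewall or NetFlow data, and on a host with PowerShell Script Block Logging enabled the function body itself is written to the Microsoft-Windows-PowerShell/Operational log as event 4104.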