{"id":27650565,"url":"https://github.com/whitecat18/powershell-scripts-for-hackers-and-pentesters","last_synced_at":"2025-04-24T03:42:56.209Z","repository":{"id":153247823,"uuid":"607204079","full_name":"Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters","owner":"Whitecat18","description":"An List of my Powershell scripts, commands and Blogs for windows Red Teaming. ","archived":false,"fork":false,"pushed_at":"2025-02-23T09:05:44.000Z","size":2110,"stargazers_count":417,"open_issues_count":0,"forks_count":50,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-04-24T03:42:38.956Z","etag":null,"topics":["commands","exploitation","hacking","penetration-testing","pentesting","powershell","redteam","scripts","tools-techniques","user-friendly","windows"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Whitecat18.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-02-27T14:27:32.000Z","updated_at":"2025-04-23T14:55:00.000Z","dependencies_parsed_at":"2024-03-24T08:28:24.494Z","dependency_job_id":"f463f984-b377-4efa-a44e-90e980dcfa12","html_url":"https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters","commit_stats":null,"previous_names":["whitecat18/powershell-scripts-for-hackers-and-pentesters","smukx07/powershell-scripts-for-hackers-and-pentesters"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Whitecat18%2FPowershell-Scripts-for-Hackers-and-Pentesters","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Whitecat18%2FPowershell-Scripts-for-Hackers-and-Pentesters/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Whitecat18%2FPowershell-Scripts-for-Hackers-and-Pentesters/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Whitecat18%2FPowershell-Scripts-for-Hackers-and-Pentesters/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Whitecat18","download_url":"https://codeload.github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250559524,"owners_count":21450167,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["commands","exploitation","hacking","penetration-testing","pentesting","powershell","redteam","scripts","tools-techniques","user-friendly","windows"],"created_at":"2025-04-24T03:42:55.395Z","updated_at":"2025-04-24T03:42:56.191Z","avatar_url":"https://github.com/Whitecat18.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n \u003cimg width=\"260px\" src=\"source/powershell_scripts.png\" /\u003e\n \u003ca href = \"#content\" \u003e\u003ch3\u003ePowershell Scripts For Hackers and Pentesters\u003c/h3\u003e\u003c/a\u003e\n \u003cbr\u003e\n\n \u003cp\u003e\u003ci\u003eAn List of Powershell Scripts, commands and technics for Pentesting Windows Machines \n \u003cbr\u003e\n Scripts managed by \u003ca href=\"https://twitter.com/5mukx\"\u003e @Smukx\u003c/a\u003e\u003c/i\u003e\u003c/p\u003e\n \u003cbr/\u003e\n \n-----------------\n\n \u003cb\u003ePwn windows machines without any Restrictions ⚠️\u003c/b\u003e\n \u003cbr\u003e\u003cbr\u003e\n \u003cimg src=\"https://img.shields.io/badge/PowerShell-%E2%89%A5%20v3.0-blue\"\u003e \u003cimg src=\"https://img.shields.io/github/release-date/Whitecat18/Ps-script-for-Hackers-and-Pentesters\"\u003e \u003cimg src=\"https://img.shields.io/github/last-commit/Whitecat18/Ps-script-for-hackers-and-pentesters\" /\u003e\n \u003cimg src=\"https://img.shields.io/badge/Maintained%3F-Yes-Green\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/License-MIT-yellow\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Operating System-Windows-blue\"\u003e\n\n-----------------\n\n\u003c/div\u003e\n\u003cbr\u003e\n\n\n\n\u003c!---\u003cimg src=\"https://raw.githubusercontent.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/main/source/powershell%20for%20hackers%20and%20pentesters.gif\" height=400 /\u003e--\u003e\n\n### What is this ?\n\nThis Repository is an Collection of Powershell Scripts, Hacks ,Tutorials etc .. \nThese are my complete resoruce that i coded to use it to automate hacks , works etc ..\n\n### Usages ?\n\nEnumerate your Powershell hacks , scripts usage (Adv) , to the next level . This Repository contains all kinds of Hacks and Powershell Tricks, from \nbasics to advance powershell commnads and scripts that will help you in day to day life of an IT Sectors , cybersecurity or Windows Automation \n\u003cbr\u003e\n\nDown is an list of series which you can concern for your needs !\n\u003cbr\u003e\n\n\u003c!---\u003cp\u003e\u003ca href=\"https://github.com/Whitecat18/Ps-Script-for-Hackers/blob/main/PS-010.md\"\u003e Look Here \u003cp\u003e---\u003e\n\n\n\u003ch2\u003eContents\u003c/h2\u003e\n \n| Powershell Script Tier List | + MODULES + | Links | \n|----------------------------------------------|-------------------------------------------------|--------------|\n| Powershell Scripts \u0026 Commands | PS-010 (Ping-Play) | [Look Here](https://github.com/Whitecat18/Ps-Script-for-Hackers/blob/main/PS-010.md) |\n| | PS-020 (Attacks) | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/PS-020.md) |\n| | ps-030 (KEY-STOKES) | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/KEYSTROKES%20USING%20POWERSHELL.md) |\n| | PS-040 (Win-Defender) | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/DEFENDER_USING_POWERSHELL.md) |\n| | ps-050 (Silent-Installer) | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Silent-Installer.md) |\n| | PS-060 (Basics of Mimikaz) | [Look Here](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/mimikaz.md) |\n| | PS-070-N (Adv Network Enumeration) | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Enumeration/Network.md) |\n| | PS-070-M (Adv System Enumeration) | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Enumeration/Windows_Enum.md) |\n| Complicated Part | SYSTEM32 | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/SYSTEM32.md) |\n| | REVERSE-SHELL | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/tree/main/Reverse-Shell) |\n| | SCRIPT-FILES.ps1 | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/tree/main/scripts) |\n| | UNDETECTABE-KEYLOGGER | [Look Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/KEY-LOGGER.md) |\n| | Exfiltrating data using Powershell \u0026 WAV | [Look Here](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/tree/main/scripts/Exfiltrating%20data%20using%20Powershell)| \n\n\n\u003cbr\u003e \u003cbr\u003e\n\n| Topic | Description | Link |\n|----------------------------------------------|-------------------------------------------------|----------------------------------------------------|\n| Basic of Windows Systems [Works, Methods etc] | Just an Bunch of Theories. If you are a Scirpt Kiddie (New to Hack) then this may help you understand things | [Windows Basics](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/windows-basic.md) |\n| | WINDOWS-BASICS | [Click Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/windows-basic.md) |\n| | WINDOWS-PENTEST-METHODS | [Click Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basics/win-pentest-methods.md) |\n| | COMMON-PORTS-AND-SERVICE | [Click Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basics/Common-ports-and-service.md) |\n| | BASIC-COMMANDS | [Click Here](https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basic-Commands.md) |\n| | POWERSHELL VS CMD | [Click Here](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/Powershell-VS-Cmd.md) | \n| | JSON-IN-POWERSHELL | [Click Here](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/JSON_in_Powershell.md)\n| | XML-IN-POWERSHELL | [Click Here](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/XML_IN_POWERSHELL.md) \n| Powershell Blogs | AUTOMATED POWERSHELL ATTACKS | [Blog](https://medium.com/@smukx/automate-powershell-attacks-using-mavoc-tool-9adcd0c7a1f) |\n| | HOW KEYLOGGERS WORK ( BASICS ) InDept | [Blog](https://securelist.com/keyloggers-implementing-keyloggers-in-windows-part-two/36358/) | \n| | POWERSHELL TURLA SERIES | [Blog](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/turla_powershell.md) |\n| | USING PS1 ON KALI LINUX FOR PENTESTING | [Blog](https://www.offsec.com/offsec/kali-linux-powershell-pentesting/) | \n| | Tracking Powershell based malware attacks | [Blog](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/Powershell_defense/Tracking-Powershell-based-malware-attacks.md) |\n| | Multi-stage Powershell script | [Blog](https://dissectmalware.wordpress.com/2018/03/28/multi-stage-powershell-script/) |\n| | APT33 PowerShell Malware | [Blog](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/powershell_attacks/APT33%20PowerShell%20Malware.md) |\n| | Lemon Duck Powershell Malware | [Blog](https://news.sophos.com/en-us/2019/10/01/lemon_duck-powershell-malware-cryptojacks-enterprise-networks/) |\n| | Hoaxcalls DDoS Botnet | [Blog](https://unit42.paloaltonetworks.com/new-hoaxcalls-ddos-botnet/) |\n| | AgentTesla Delivered via a Malicious PowerPoint Add-In | [Blog](https://isc.sans.edu/diary/AgentTesla+Delivered+via+a+Malicious+PowerPoint+AddIn/26162) |\n| | Machine learning from idea to reality: a PowerShell case study | [Blog](https://blog.fox-it.com/2020/09/02/machine-learning-from-idea-to-reality-a-powershell-case-study/) | \n| | Multi-stage PowerShell script | [BLog](https://dissectmalware.wordpress.com/2018/03/28/multi-stage-powershell-script/) | \n| | Inspecting a PowerShell Cobalt Strike Beacon | [Blog](https://forensicitguy.github.io/inspecting-powershell-cobalt-strike-beacon/) | \n| | Powershell Reflective Loader to inject dll | [Blog](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/powershell_attacks/from%20Powershell%20reflective%20loader%20to%20injected%20dll.md) | \n| | Windows Triaging with Powershell | [Blog](https://aditya-pratap9557.medium.com/windows-triaging-with-powershell-part-1-parsing-event-logs-a6748657d150) |\n| | Powershell used to drop an REvil Ransomware | [Blog](https://isc.sans.edu/diary/27012)\n| | PowerShell based attack targets Kazakhstan | [Blog](https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/powershell_attacks/A%20multi-stage%20PowerShell%20based%20attack%20targets%20Kazakhstan.md) |\n| | Exploring Powershell AMSI and logging Evasion | [Blog](https://www.mdsec.co.uk/2018/06/exploring-powershell-amsi-and-logging-evasion/) | \n| | Charming Kitten Updates POWERSTAR with an InterPlanetary Twist | [Blog](https://www.volexity.com/blog/2023/06/28/charming-kitten-updates-powerstar-with-an-interplanetary-twist/) | \n| | Top-Tier Russian Organized Cybercrime Group Unveils Fileless Stealthy “PowerTrick” Backdoor for High-Value Targets | [Blog](https://www.sentinelone.com/labs/top-tier-russian-organized-cybercrime-group-unveils-fileless-stealthy-powertrick-backdoor-for-high-value-targets/) |\n| | Powershell static Analysis and Emote Results | [Blog](https://hatching.io/blog/powershell-analysis/) |\n| | PowerPoint Dropper and Cryptocurrency Stealer | [Blog](https://threatresearch.ext.hp.com/aggah-campaigns-latest-tactics-victimology-powerpoint-dropper-and-cryptocurrency-stealer/)\n| | A border-hopping PlugX USB worm takes its act on the road | [Blog](https://news.sophos.com/en-us/2023/03/09/border-hopping-plugx-usb-worm/) | \n| | Malicious Powershell Targeting UK Bank Customers | [Blog](https://isc.sans.edu/diary/Malicious+Powershell+Targeting+UK+Bank+Customers/23675) |\n| | PowerLess Trojan | [Blog](https://www.cybereason.com/blog/research/powerless-trojan-iranian-apt-phosphorus-adds-new-powershell-backdoor-for-espionage)\n| | An Journey to Uncover New Fully Undetectable PowerShell Backdoor | [Blog](https://www.safebreach.com/blog/safebreach-labs-researchers-uncover-new-fully-undetectable-powershell-backdoor/) |\n| | A case of Powershell, Excel 4 Macros and VB6| [Blog](https://0x00sec.org/t/analyzing-modern-malware-techniques-part-3/18943) | \n| | Emotet Technical Analysis - Part 1 | [Blog](https://www.picussecurity.com/resource/blog/emotet-technical-analysis-part-1-reveal-the-evil-code) |\n| | Emotet Technical Analysis - Part 2 | [Blog](https://www.picussecurity.com/resource/blog/emotet-technical-analysis-part-2-powershell-unveiled) |\n| | Reversing complete Powershell Malware | [Blog](https://blog.cerbero.io/?p=2617) |\n| | HCrypt Injecting BitRAT using PowerShell, HTAs, and .NET | [Blog](https://forensicitguy.github.io/hcrypt-injecting-bitrat-analysis/) |\n| | PowerShell Dropper Delivering Formbook | [Blog](https://isc.sans.edu/diary/26806) |\n| | Reversing Complex PowerShell Malware | [Blog](https://blog.cerbero.io/?p=2617) | \n| | Threat Operation Re-emerges with New LNK and PowerShell | [Blog](https://www.deepinstinct.com/blog/ducktail-threat-operation-re-emerges-with-new-lnk-powershell-and-other-custom-tactics-to-avoid-detection) | \n| | The rise of .NET and Powershell Malware | [Blog](https://securelist.com/the-rise-of-net-and-powershell-malware/72417/) | \n| | MoDi RAT attack pastes PowerShell commands | [Blog](https://news.sophos.com/en-us/2020/09/24/email-delivered-modi-rat-attack-pastes-powershell-commands/) |\n| | Simple DGA Spotted in a Malicious PowerShell | [Blog](https://blog.rootshell.be/2020/07/14/simple-dga-spotted-in-a-malicious-powershell/) | \n| | New PowerShell Obfuscation in Emotet Maldocs | [Blog](https://security-soup.net/quick-post-spooky-new-powershell-obfuscation-in-emotet-maldocs/) |\n| | From virus alert to PowerShell Encrypted Loader | [Blog](https://www.trustnet.co.il/virus-alert-to-powershell-encrypted-loader/) | \n| | Anatomy of a PowerShell Attack | [Blog](https://s3.ca-central-1.amazonaws.com/esentire-dot-com-assets/assets/resourcefiles/Threat_Dissection_Powershell_3.pdf) |\n| | Delivering Ransomware with Powershell Turla Series | [Blog](https://www.mandiant.com/resources/blog/turla-galaxy-opportunity) | \n| | PRB-Backdoor-A Fully Loaded PowerShell Backdoor with Evil Intentions | [Blog](https://sec0wn.blogspot.com/2018/05/prb-backdoor-fully-loaded-powershell.html)\n| | Custom PowerShell RAT targets Germans seeking information about the Ukraine crisis | [Blog](https://www.malwarebytes.com/blog/threat-intelligence/2022/05/custom-powershell-rat-targets-germans-seeking-information-about-the-ukraine-crisis) |\n| | Top 10 Prevalent MITRE ATT\u0026CK Techniques | [Blog](https://www.picussecurity.com/hubfs/Red%20Report%202023/RedReport2023-Picus.pdf?utm_referrer=https%3A%2F%2Fwww.picussecurity.com%2Fthank-you-for-download-red-report-2023%3FsubmissionGuid%3Ddc10f229-1515-4e14-b0c0-9e153d925310) \n| | Detecting both ‘offensive’ and obfuscated PowerShell scripts in Splunk using Windows Event Log | [Blog](https://blog.fox-it.com/2020/09/02/machine-learning-from-idea-to-reality-a-powershell-case-study/) |\n| | Analyzing Modern Malware Technique | [Blog](https://0x00sec.org/t/analyzing-modern-malware-techniques-part-3/18943) |\n| | Emotet_network_protocol | [Blog](https://d00rt.github.io/emotet_network_protocol/)\n| Powershell Conference | BlackHat-USA-2010-Kennedy-Kelly-PowerShell | [PPT Link](https://media.blackhat.com/bh-us-10/presentations/Kennedy_Kelly/BlackHat-USA-2010-Kennedy-Kelly-PowerShell-Its-Time-To-Own-slides.pdf) | \n| | BlackHat-USA-2017-Robbins-Schroeder | [PPT Link](https://www.blackhat.com/docs/us-17/wednesday/us-17-Robbins-An-ACE-Up-The-Sleeve-Designing-Active-Directory-DACL-Backdoors-wp.pdf) |\n| | BlackHat-USA-2021-ProxyLogon is Just the Tip of the Iceberg | [PPT Link](https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-ProxyLogon-Is-Just-The-Tip-Of-The-Iceberg-A-New-Attack-Surface-On-Microsoft-Exchange-Server.pdf) | \n| | BlackHat-EU-14-Hafif-Reflected-File-Download-A-New-Web-Attack | [PPT Link](https://www.blackhat.com/docs/eu-14/materials/eu-14-Hafif-Reflected-File-Download-A-New-Web-Attack-Vector.pdf) |\n| | BlackHat-USA-2014-Kazanciyan-Investigating-Powershell-Attacks-wp | [PPT Link](https://www.blackhat.com/docs/us-14/materials/us-14-Kazanciyan-Investigating-Powershell-Attacks-WP.pdf) |\n| | BlackHat-USA-2017-PowerShell-Obfuscation Detection Using Science | [PPT Link](https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And%20Evasion-Using-Science.pdf) \u003cbr\u003e [Document](https://www.blackhat.com/docs/us-17/thursday/us-17-Bohannon-Revoke-Obfuscation-PowerShell-Obfuscation-Detection-And%20Evasion-Using-Science-wp.pdf) |\n| | BlackHat-Asia-2016-DSCompromised:A Windows DSC Attack Framework | [PPT Link](https://www.blackhat.com/docs/asia-16/materials/asia-16-Kazanciyan-DSCompromised-A-Windows-DSC-Attack-Framework.pdf) | \n| | BlackHat-USA-2017-INFECTING-THE-ENTERPRISE-ABUSING-OFFICE365+POWERSHELL-FOR-COVERT-C2 | [PPT Link](https://www.blackhat.com/docs/us-17/wednesday/us-17-Dods-Infecting-The-Enterprise-Abusing-Office365-Powershell-For-Covert-C2.pdf)\n| | Splunk-USA-2016-hunting-the-known-unknowns-the-PowerShell-edition | [PPT Link](https://conf.splunk.com/files/2016/slides/hunting-the-known-unknowns-the-powershell-edition.pdf)\n| | BlackHat-USA-2019-PowerShell-module-for-administering-Office-365/Azure-AD| [PPT Link](https://aadinternals.com/images/posts/BH_USA19_AADInternals.pdf)\n| | PowerShell for Penetration Testers | [PPT Link](https://paper.bobylive.com/Meeting_Papers/BlackHat/Europe-2013/bh-eu-13-powershell-for-penetration-mittal-slides.pdf) |\n| | HTTB-SECONF-Exploit-with-Shell-Reverse-Infection-PowerShell-using-VBS | [PPT Link](https://conference.hitb.org/hitbsecconf2021ams/materials/D1%20COMMSEC%20-%20Exploitation%20with%20Shell%20Reverse%20and%20Infection%20with%20PowerShell%20-%20Filipi%20Pires.pdf) |\n| | \n| Powershell Papers | CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE | [Link](https://media.defense.gov/2022/Jun/22/2003021689/-1/-1/0/CSI_KEEPING_POWERSHELL_SECURITY_MEASURES_TO_USE_AND_EMBRACE_20220622.PDF) \n| Cheat Sheets for Powershell | Cheat Sheet by SanS | [Cheat Sheet](https://www.sans.org/blog/sans-pen-test-cheat-sheet-powershell) | \n| | Cheat Sheet by Microsoft | [Cheat Sheet](https://download.microsoft.com/download/2/1/2/2122f0b9-0ee6-4e6d-bfd6-f9dcd27c07f9/ws12_quickref_download_files/powershell_langref_v3.pdf)\n| | Reverse Shell Cheat Sheet | [Cheat Sheer](https://github.com/d4t4s3c/Offensive-Reverse-Shell-Cheat-Sheet)\n| Powershell Books (Worth) | Windows Security Internals with PowerShell (Aid. 2024) | [Redirect](https://www.amazon.com/Windows-Security-Internals-PowerShell-Forshaw/dp/1718501986/ref=sr_1_3?refinements=p_28%3APowerShell\u0026s=books\u0026sr=1-3)\n| | The Complete Ultimate Windows Powershell Beginners Guide (Aid. 2017) | [Redirect](https://www.amazon.com/Powershell-Complete-Beginners-Scripting-Programming/dp/1979190860/ref=sr_1_4?refinements=p_28%3APowerShell\u0026s=books\u0026sr=1-4)\n| |PowerShell Automation and Scripting for Cybersecurity (Aid. 2023) | [Redirect](https://www.amazon.com/PowerShell-Automation-Scripting-Cybersecurity-Hacking/dp/1800566379/ref=sr_1_2?qid=1697914504\u0026refinements=p_28%3APowerShell\u0026s=books\u0026sr=1-2) |\n| Top Powershell Tools | Powershell Empire | [Repo Link](https://github.com/EmpireProject/Empire.git) |\n| | WinPwn | [Repo Link](https://github.com/S3cur3Th1sSh1t/WinPwn.git) | \n| | PersistenceSniper| [Code Link](https://github.com/last-byte/PersistenceSniper/tree/main/PersistenceSniper) | \n| | PowerLessShell | [Repo Link](https://github.com/Mr-Un1k0d3r/PowerLessShell.git) | \n| Free Powershell Books Around the Internet | Learning Powershell from Stack Overflow Contributors | [PDF Link](https://riptutorial.com/Download/powershell.pdf) |\n| | Mastering Windows Powershell Scripting | [PDF Link](https://static.spiceworks.com/attachments/post/0017/6852/MASTERING_PS_eBook.pdf) | \n| | Learn Windows PowerShell In A Month Of Lunches | [PDF Link](https://russblog554767213.files.wordpress.com/2018/11/learn-windows-powershell-in-a-month-of-lunches.pdf) |\n| | EA - Windows Security Internals with PowerShell | [PDF Link](https://mega.nz/file/CVxFFJLJ#sy1vKS5s5stg8L80_qUCmV9QDas__Guq5eHYg1XJoKI)\n| | Increased use of Powershell Attacks | [PDF Link](https://docs.broadcom.com/doc/increased-use-of-powershell-in-attacks-16-en) |\n| | Hands-On Penetration Testing on Windows | [PDF Link](https://hackerzambie.files.wordpress.com/2020/02/hands-on-penetration-testing-on-windows-unleash-kali-linux-powershell-and-windows-debugging-tools-for-security-testing-and-analysis-.pdf) |\n| | ScriptRunner PowerShell Security Ebook 2020 | [PDF Link](https://f.hubspotusercontent30.net/hubfs/3408889/Content/E-Book%20Security/ScriptRunner_PowerShell_Security_Ebook_2020_EN.pdf) |\n\n\u003c!---\n\u003ch3\u003eBasic of Windows Systems [ History , Works , methods , Tricks ] \u003c/h3\u003e\n\u003cb\u003eJust an Bunch of Theories . If you are an Scirpt Kiddie (New to Hack) Then this may help you to understand things \u003c/b\u003e\u003cbr\u003e\u003cbr\u003e\nWINDOWS-BASICS -\u003e \u003ca href='https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/windows-basic.md' \u003e Look Here \u003c/a\u003e\n\u003cbr\u003e\nWINDOWS-PENTEST-METHODS -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basics/win-pentest-methods.md\" target=\"_blank\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nCOMMON-PORTS-AND-SERVICE -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basics/Common-ports-and-service.md\" \u003e Look Here \u003c/a\u003e\n \u003cbr\u003e\nBASIC-COMMANDS -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basic-Commands.md\" \u003e Look Here \u003c/a\u003e\n\n\u003ch3\u003e (PS) Powershell [ Scripts || Commands ] \u003c/h3\u003e\nPS-010 (Ping-Play)-\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-Script-for-Hackers/blob/main/PS-010.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nPS-020 (Attacks)-\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/PS-020.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nps-030 (KEY-STOKES) -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/KEYSTROKES%20USING%20POWERSHELL.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nPS-040 (Win-Defender) -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/DEFENDER_USING_POWERSHELL.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nps-050 (Silent-Installer) -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Silent-Installer.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nPS-060 (Basics of Mimikaz) -\u003e \u003ca href=\"https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/mimikaz.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nPS-070-N (Adv Network Enumeration) -\u003e\u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Enumeration/Network.md\" \u003e Look Here\u003c/a\u003e\u003cbr\u003e\nPS-070-M (Adv Machine Enumeration) -\u003e\u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Enumeration/Windows_Enum.md\" \u003e Look Here\u003c/a\u003e\u003c/br\u003e\n\n\u003ch3\u003e Complicated Part \u003c/h3\u003e\nSYSTEM32 -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/SYSTEM32.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nREVERSE-SHELL -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/tree/main/Reverse-Shell\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nSCRIPT-FILES.ps1 -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/tree/main/scripts\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\nUNDETECTABE-KEYLOGGER -\u003e \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/KEY-LOGGER.md\" \u003e Look Here \u003c/a\u003e\u003cbr\u003e\n\n\u003ch3\u003e Powershell Blogs \u003ca href=\"https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/tree/main#rwh-series\" \u003e # \u003c/a\u003e\u003c/h3\u003e\nAUTOMATED POWERSHELL ATTACKS -\u003e \u003ca href=\"https://medium.com/@smukx/automate-powershell-attacks-using-mavoc-tool-9adcd0c7a1f\" \u003e Blog \u003c/a\u003e \u003cbr\u003e\nPOWERSHELL TURLA SERIES -\u003e \u003ca href=\"https://github.com/Whitecat18/Powershell-Scripts-for-Hackers-and-Pentesters/blob/main/Basics/turla_powershell.md\" \u003e Blog\u003c/a\u003e\u003cbr\u003e\n\u003cbr\u003e\n----\u003e\n--------------------\n\n\u003ch3\u003eRWH-Series\u003c/h3\u003e\nReal-world Series is a blog, where I will write the techniques and methods that Real World Hackers use to harm, breach, and crash data on Govt, Military, citizens, companies, etc .. \u003cbr\u003e\u003cbr\u003e\n\nNow All the RWH has been linked at the blog category. \n\n-------------------\n\n\n \u003cp style=\"color:red;\" \u003e \u003cb\u003eATTENCTION HERE : \u003c/b\u003e\u003cbr\u003eThis repository consists of several parts\n PS-010 contains basic commands that are both fun and effective for attacking.\n \u003c/p\u003e \n \n \u003cb\u003ePlease Note that Windows's security will change daily and they will try to Improve the Security. So some scripts may or may not work. If Some new scripts don't work! without hesitation notify me at \u003ca href=\"https://x.com/5mukx/\"\u003e Twitter \u003c/b\u003e\u003c/a\u003e\u003cbr\u003e\n \n Reach out to my Windows Security Blog where I Explained pentesting methods and how you can use this repository to achieve certain Tasks ;) . [Still Writing] Link : \u003ca href=\"https://kavin-2.gitbook.io/blog/cybersec/windows-pentest-series\" \u003e Windows Pentest Series \u003c/a\u003e\n \u003cbr\u003e\n \n\u003c!---Badge Here---\u003e\n### :\u003e Note ⚠️\n\n**If you find any wrong code / copyrighted content, please kindly inform me via Email: smukx@proton.me. I will verify and fix the issue, else I will remove the content and create a new one. Thank you !!**\n\n:: Cloning This Repo on git will remove some Powershell scripts. \n \n\n### Improvements and Tips\n\n\u003cp\u003eHow to use my Repositary as \u003ca href=\"https://github.com/Whitecat18/Ps-script-for-Hackers-and-Pentesters/blob/main/Basics/use%20my%20Repository%20as%20book.md\" \u003e Book \u003c/a\u003e \u003c/p\u003e\n\n\u003cp\u003eImproving at writing blogs on my website, but at present, I'm on a learning curve so I can't write all the blogs about it :(\u003c/p\u003e\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhitecat18%2Fpowershell-scripts-for-hackers-and-pentesters","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwhitecat18%2Fpowershell-scripts-for-hackers-and-pentesters","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhitecat18%2Fpowershell-scripts-for-hackers-and-pentesters/lists"}