https://github.com/notoriousrebel/remapper

A simple script to shim aliases
https://github.com/notoriousrebel/remapper

powershell redteam windows

Last synced: 3 months ago
JSON representation

A simple script to shim aliases

• Host: GitHub
• URL: https://github.com/notoriousrebel/remapper
• Owner: NotoriousRebel
• License: bsd-3-clause
• Created: 2019-09-12T23:39:37.000Z (over 6 years ago)
• Default Branch: master
• Last Pushed: 2019-11-24T22:17:17.000Z (about 6 years ago)
• Last Synced: 2025-06-07T06:39:42.987Z (8 months ago)
• Topics: powershell, redteam, windows
• Language: PowerShell
• Homepage:
• Size: 36.1 KB
• Stars: 4
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Remapper

PowerShell script that will shim aliases throughout PowerShell sessions through the use

of PowerShell profiles.

## Why

This is an interesting technique that red teamers can use to maintain persistence as well

as achieve code execution.

See more here [Abusing_Aliases](https://notoriousrebel.space/2019-11-24-using-and-abusing-aliases-with-powershell/)

## How to Use?

Edit the first few lines where functions are defined this is where

you want to modify the functions. After that make sure

with the shimmed_alias function after \$value you put

your functions if you modified their names or added

or removed any. After that simply run the script.

## License

This project is licensed under the BSD 3-Clause License -

see the [License](LICENSE) file for details

### Roadmap

- [ ] Add option to shim aliases for Command Prompt Sessions

- [ ] Research if shimming built in PowerShell functions if feasible

- [ ] Add option to deploy through CLR hooking instead of PowerShell Profile