PowerSploit is a collection of Microsoft PowerShell modules designed for penetration testing activities across multiple assessment phases. The framework provides modules for various offensive security techniques including: - Code execution capabilities for running arbitrary commands and scripts - DLL injection methods for loading dynamic link libraries into target processes - Reflective PE injection for loading portable executables directly into memory - Shellcode injection techniques for executing machine code payloads - WMI command execution for leveraging Windows Management Instrumentation - Script modification tools for altering PowerShell scripts and bypassing restrictions - Encoding and compression utilities for obfuscating payloads and data - Encryption modules for securing communications and data - Persistence mechanisms for maintaining access to compromised systems The modules are structured to support different stages of penetration testing workflows, from initial access and privilege escalation to post-exploitation activities. PowerSploit operates within the PowerShell environment, utilizing native Windows functionality to perform security assessments and red team operations.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.
A digital archive of the internet, allowing users to capture and browse archived web pages.
SauronEye helps in identifying files containing sensitive data such as passwords through targeted directory searches.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.