Powershell-Reverse-Rubber-Ducky - Powershell Reverse Rubber Ducky

  •        11

Powershell Reverse Rubber Ducky

https://github.com/jamesbcook/Powershell-Reverse-Rubber-Ducky

Tags
Implementation
License
Platform

   




Related Projects

wifi_ducky - Upload, save and run keystroke injection payloads with an ESP8266 + ATMEGA32U4

  •    C

It's a Wi-Fi controlled BadUSB device to remotely execute Ducky Scripts. Using a USB device which act as a keyboard to inject keystrokes is well known these days. The USB Rubber Ducky by Hak5 is THE hacker gadget for this kind of attack. It introduced a simple script language called Ducky Script, which this project uses too.

PowerShellArsenal - A PowerShell Module Dedicated to Reverse Engineering

  •    PowerShell

Disassemble native and managed code. Disassembles a byte array using the Capstone Engine disassembly framework.

rubber - A capistrano/rails plugin that makes it easy to deploy/manage/scale to various service providers, including EC2, DigitalOcean, vSphere, and bare metal servers

  •    Ruby

The rubber plugin enables relatively complex multi-instance deployments of RubyOnRails applications to Amazon's Elastic Compute Cloud (EC2).

capstone - Capstone disassembly/disassembler framework: Core (Arm, Arm64, EVM, M68K, M680X, Mips, PPC, Sparc, SystemZ, TMS320C64x, X86, X86_64, XCore) + bindings (Python, Java, Ocaml, PowerShell, Visual Basic)

  •    C

Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community. Support multiple hardware architectures: ARM, ARM64 (ARMv8), Ethereum VM, M68K, Mips, PPC, Sparc, SystemZ, TMS320C64X, M680X, XCore and X86 (including X86_64).


awesome-powershell - A curated list of delightful PowerShell modules and resources

  •    

A curated list of delightful PowerShell packages and resources. PowerShell is a cross-platform (Windows, Linux, and macOS) automation and configuration tool that is optimized for dealing with structured data (e.g. JSON, CSV, XML, etc.), REST APIs, and object models. It includes a command-line shell and an associated scripting language.

Web based PowerShell Console

  •    

The "Web based PowerShell Console" enables you to execute PowerShell Scripts and Cmdlets via a Web or Browser based PowerShell Console. Just install the tool on a mchine running IIS and use PowerShell via network!

PowerShell-Docs - The official PowerShell documentation sources

  •    PowerShell

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments. Welcome to the PowerShell-Docs repository, housing the official PowerShell documentation.

PSAttack - A portable console aimed at making pentesting with PowerShell a little easier.

  •    CSharp

A portable console aimed at making pentesting with PowerShell a little easier. PS>Attack combines some of the best projects in the infosec powershell community into a self contained custom PowerShell console. It's designed to make it easy to use PowerShell offensively and to evade antivirus and Incident Response teams. It does this with in a couple of ways.

Random-PowerShell-Work - Random PowerShell Work

  •    PowerShell

If you get some use out of my scripts, drop me a few bucks. This is a conglomeration of PowerShell scripts that I've written over the years. If you'd like more PowerShell awesomeness check out my blog at Adam, the Automator. This is where I write about automation, lots of PowerShell and post regularly about time-saving tricks with PowerShell.

dontbug - Dontbug is a reverse debugger for PHP

  •    Go

Dontbug is a reverse debugger (aka time travel debugger) for PHP. It allows you to record the execution of PHP scripts (in command line mode or in the browser) and replay the same execution back in a PHP IDE debugger. During replay you may debug normally (forward mode debugging) or in reverse, which allows you to step over/out backwards, step backwards, run backwards, run to cursor backwards, set breakpoints in the past and so forth. Debugging with the ability to run in reverse allows you to hunt down bugs much more easily. It also allows you to understand the runtime behavior of large PHP codebases more efficiently.

PowerShell Management Library for TEM

  •    

A project to provide a PowerShell functionality for managing your Tivoli Endpoint Manager (built upon BigFix technology). You can locally or remotely manage endpoints and relays via these simple and easy to use PowerShell Module.

PowerShellGet - PowerShellGet is the Package Manager for PowerShell

  •    PowerShell

PowerShellGet is a PowerShell module with commands for discovering, installing, updating and publishing the PowerShell artifacts like Modules, DSC Resources, Role Capabilities and Scripts. PowerShellGet module is also integrated with the PackageManagement module as a provider, users can also use the PackageManagement cmdlets for discovering, installing and updating the PowerShell artifacts like Modules and Scripts.

unicorn - Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory

  •    Python

Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. Usage is simple, just run Magic Unicorn (ensure Metasploit is installed if using Metasploit methods and in the right path) and magic unicorn will automatically generate a powershell command that you need to simply cut and paste the powershell code into a command line window or through a payload delivery system. Unicorn supports your own shellcode, cobalt strike, and Metasploit.

Empire - Empire is a PowerShell and Python post-exploitation agent.

  •    PowerShell

Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from key loggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework. PowerShell Empire premiered at BSidesLV in 2015 and Python EmPyre premeiered at HackMiami 2016. Empire relies heavily on the work from several other projects for its underlying functionality. We have tried to call out a few of those people we've interacted with heavily here and have included author/reference link information in the source of each Empire module as appropriate. If we have failed to improperly cite existing or prior work, please let us know.

PoshC2 - Powershell C2 Server and Implants

  •    PowerShell

PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework. PowerShell was chosen as the base language as it provides all of the functionality and rich features required without needing to introduce multiple languages to the framework. Requires only Powershell v2 on the client.

Revoke-Obfuscation - PowerShell Obfuscation Detection Framework

  •    PowerShell

Revoke-Obfuscation is a PowerShell v3.0+ compatible PowerShell obfuscation detection framework. In the Fall of 2016 and Spring of 2017, Daniel Bohannon (@danielhbohannon) released Invoke-Obfuscation and Invoke-CradleCrafter, two open-source PowerShell obfuscation frameworks. The goal of this research and these frameworks was to highlight the limitations of a purely signature-based approach to detecting attackers' usage of PowerShell. The core message to defenders has been to focus on detecting Indicators of Obfuscation in addition to known suspicious syntax.

cutter - A Qt and C++ GUI for radare2 reverse engineering framework

  •    C++

Cutter is a Qt and C++ GUI for radare2. Its goal is making an advanced, customizable and FOSS reverse-engineering platform while keeping the user experience at mind. Cutter is created by reverse engineers for reverse engineers. Cutter is available for all platforms (Linux, OS X, Windows). You can download the latest release here.

PSRR - Remote Registry PowerShell 3.0 Module

  •    

Remote Registry PowerShell Module to manage the registry with Windows PowerShell. This version supports the new improvement in .NET 4 to specify a 32-bit or 64-bit view of the registry with the Microsoft.Win32.RegistryView enumeration when you open base keys.