PowerOPS – PowerShell Runspace Portable Post Exploitation Tool


PowerShell Runspace Portable Post Exploitation Tool aimed at making Penetration Testing with PowerShell “easier”. PowerOPS is an application written in C# that does not rely on powershell.exe but runs PowerShell commands and functions within a powershell runspace environment (.NET). It intends to include multiple offensive PowerShell modules to make the process of Post Exploitation easier.

PowerOPS - PowerShell Runspace Portable Post Exploitation Tool

It tries to follow the KISS principle, being as simple as possible. The main goal is to make it easy to use PowerShell offensively and help to evade antivirus and other mitigations solutions. It does this by:

  1. Doesn’t rely on powershell.exe, it calls PowerShell directly through the .NET framework, which might help bypassing security controls like GPO, SRP and App Locker.
  2. The payloads are executed from memory and never touch disk, evading most antivirus engines.

Since PowerOPS offers basically an interactive PowerShell command prompt you are free to use the PowerShell tools included the way you want, and additionally execute any valid PowerShell command.

What’s Inside The Runspace

  • PowerShellMafia/Powersploit
    • Get-Keystrokes
    • Invoke-DllInjection
    • Invoke-Mimikatz
    • Invoke-NinjaCopy
    • Invoke-Shellcode
    • Invoke-ReflectivePEInjection
    • Invoke-TokenManipulation
    • Invoke-WMICommand
    • PowerUp
    • PowerView
  • Nishang
    • Get-Information
    • Get-PassHashes
    • Port-Scan
  • Auto-GPPPassword
  • PowerCat
  • Empire
    • Invoke-Psexec
    • Invoke-SSHCommand
  • mimikittenz
  • SMBAutoBrute
  • PowerUpSQL

Additionally you can run any valid PowerShell command.


Powershell functions within the Runspace are loaded in memory from Base64 Encoded Strings.

Usage

Just run the binary and type ‘show’ to list available modules.

You can download PowerOPS here:

PowerOPS-v1.0-beta.zip

Or read more here.

Posted in: Hacking Tools

, ,


Latest Posts:


Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.


Comments are closed.