Navigation



PowerShellArsenal – PowerShell For Reverse Engineering

Last updated: December 18, 2016 | 5,018 views

PowerShellArsenal is basically PowerShell for reverse engineering in a module format. The module can be used to disassemble managed and unmanaged code, perform .NET malware analysis, analyse/scrape memory, parse file formats and memory structures, obtain internal system information, etc.

PowerShellArsenal - PowerShell For Reverse Engineering

PowerShellArsenal is comprised of the following tools:

Disassembly – Disassemble native and managed code.
MalwareAnalysis – Useful tools when performing malware analysis.
MemoryTools – Inspect and analyze process memory.
Parsers – Parse file formats and in-memory structures.
WindowsInternals – Obtain and analyze low-level Windows OS information.
Misc – Miscellaneous helper functions.
Lib – Libraries required by some of the RE functions.


Usage

To install this module, drop the entire PowerShellArsenal folder into one of your module directories. The default PowerShell module paths are listed in the $Env:PSModulePath environment variable.

To use the module, type:

To see the commands imported, type:

For help on each individual command, Get-Help is your friend.

You can download PowerShellArsenal here:

PowerShellArsenal-master.zip

Or read more here.

Share203
Tweet6
Share112
Buffer
WhatsApp
Email
321 Shares
Posted in: Forensics, Secure Coding

, , ,


Latest Posts:


Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
April 30, 2022 - 30 Shares
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
January 24, 2022 - 15 Shares
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
January 5, 2022 - 20 Shares
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
December 30, 2021 - 16 Shares
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
August 31, 2021 - 293 Shares
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
July 7, 2021 - 205 Shares


Comments are closed.