PowershellCrypter

PowershellCrypter is a post-exploitation tool for bypassing AV by obfuscating scripts with the use of AES encryption. Both encrypterAES.ps1 and decrypterAES.ps1 can be found as one-liner in the project

encrypterAES.ps1 must be executed from the Attacker machine,the output file must be uploaded by the Attacker somewhere to be subsequently downloaded from the target with decrypterAES.ps1
decrypterAES.ps1 must be executed from the Target machine

Note

In the example we have used a Powershell script(.ps1) encrypted by encrypterAES.ps1 and executed by decrypterAES.ps1 with the expression IEX($backToPlainText). Anyway with some modification is possible to execute any payload that we want to deliver.

Name		Name	Last commit message	Last commit date
Latest commit History 42 Commits
examples		examples
(working-project)encrypterAESv2.ps1		(working-project)encrypterAESv2.ps1
README.md		README.md
decrypterAES.ps1		decrypterAES.ps1
decrypterAES2.ps1		decrypterAES2.ps1
decrypterAES_one-liner.ps1		decrypterAES_one-liner.ps1
encrypterAES.ps1		encrypterAES.ps1
encrypterAES_one-liner.ps1		encrypterAES_one-liner.ps1
work-in-progress.decrypterAESv2.ps1		work-in-progress.decrypterAESv2.ps1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

PowershellCrypter

Note

About

Uh oh!

Releases

Packages

Languages

DenFox93/PowershellCrypter

Folders and files

Latest commit

History

Repository files navigation

PowershellCrypter

Note

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages