Powershell for PenTest by Joas

Introduction
https://docs.microsoft.com/en-us/powershell/scripting/developer/prog-guide/windows-powershell-concepts?view=powershell-7.1
https://docs.microsoft.com/en-us/powershell/scripting/overview?view=powershell-7.1
https://www.techrepublic.com/blog/10-things/10-fundamental-concepts-for-powershell-scripting/
https://en.wikipedia.org/wiki/PowerShell
https://www.networkworld.com/article/2268752/chapter-2--basic-powershell-concepts.html
https://www.guru99.com/powershell-tutorial.html
https://thecrazyconsultant.com/powershell-study-guide-core-concepts/
https://www.pcmag.com/encyclopedia/term/powershell
https://www.techopedia.com/definition/25975/powershell
https://www.youtube.com/watch?v=u3zXMv69uNA&ab_channel=ResearchTrianglePowerShellUsersGroup

Recon
https://sid-500.com/2017/11/12/test-port-use-powershell-as-a-port-scanner/
https://techcommunity.microsoft.com/t5/itops-talk-blog/powershell-basics-how-to-scan-open-ports-within-a-network/ba-p/924149
http://5ubtools.blogspot.com/
https://github.com/Z3R0TH-13/ENUM
https://github.com/PyroTek3/PowerShell-AD-Recon
https://stealthbits.com/blog/performing-domain-reconnaissance-using-powershell/
https://medium.com/@smurf3r5/recon-domain-shares-872914697980
https://www.hebunilhanli.com/wonderland/ad-pentest/recon-with-powershell/
https://periciacomputacional.com/pentesting-with-powershell-in-six-steps/
https://github.com/EliteLoser/PSnmap
https://medium.com/@drag0n/some-useful-interesting-powershell-scripts-9b9490cee0cd
https://adsecurity.org/?p=2535
https://www.varonis.com/blog/powerview-for-penetration-testing/
https://www.sans.org/blog/pen-test-poster-white-board-powershell-built-in-port-scanner/
https://github.com/scipag/PowerShellUtilities
https://www.adamcouch.co.uk/conducting-powershell-port-scan/
https://www.infosecmatter.com/port-scanner-in-powershell-tcp-udp-ps1/
https://github.com/xorrior/RemoteRecon
https://github.com/XORRIOR/REMOTERECON

Exploit
https://github.com/PowerShellMafia/PowerSploit
https://pentestlab.blog/tag/powersploit/
https://www.cyberpunk.rs/powersploit-powershell-post-exploitation-framework
https://www.darknet.org.uk/2015/12/powersploit-powershell-post-exploitation-framework/
https://attack.mitre.org/software/S0194/
https://adsecurity.org/?tag=powersploit
https://medium.com/@benoit.sevens/powershell-av-evasion-4e4bb6a6a961
https://www.youtube.com/watch?v=otpPnWbEaDA&ab_channel=ChiefRiver
https://www.youtube.com/watch?v=LEll6qa-REY&ab_channel=Metasploitation
https://www.youtube.com/watch?v=b-XjnmFZ7Ls&ab_channel=%5BMister_Bert0ni%5D
https://www.youtube.com/watch?v=zbmOs_fNxng&ab_channel=SecurityNotes
https://www.youtube.com/watch?v=52xkWbDMUUM&ab_channel=HackerSploit
https://www.youtube.com/watch?v=0gHS3U9zMKI&ab_channel=GusKhawaja
https://www.powershellempire.com/
https://ratiros01.medium.com/tryhackme-ps-empire-bd96fbf822cc
https://stealthbits.com/blog/next-gen-open-source-c2-frameworks/

Post Exploitation
https://www.hackingarticles.in/hacking-with-empire-powershell-post-exploitation-agent/
https://null-byte.wonderhowto.com/how-to/use-powershell-empire-getting-started-with-post-exploitation-windows-hosts-0178664/
https://www.cyberpunk.rs/empire-powershell-post-exploitation-framework
https://github.com/jaredhaight/Invoke-MetasploitPayload
https://medium.com/SWLH/FUN-WITH-POWERSHELL-PAYLOAD-EXECUTION-AND-EVASION-F5051FD149B2
https://github.com/trustedsec/unicorn
https://github.com/loadenmb/tvasion
https://threat.tevora.com/dissecting-veil-evasion-powershell-payloads-and-converting-to-a-bind-shell/
https://hakin9.org/xencrypt-a-powershell-script-anti-virus-evasion-tool/
https://arno0x0x.wordpress.com/2016/04/13/meterpreter-av-ids-evasion-powershell/
https://hack-ed.net/2016/04/04/veil-evasion-payloads-made-easy/
https://kaizensecurity.wordpress.com/2016/08/19/metasploit-av-evasion-with-powershell/
https://www.blackhat.com/docs/eu-17/materials/eu-17-Thompson-Red-Team-Techniques-For-Evading-Bypassing-And-Disabling-MS-Advanced-Threat-Protection-And-Advanced-Threat-Analytics.pdf
https://www.blackhat.com/docs/us-14/materials/us-14-Kazanciyan-Investigating-Powershell-Attacks-WP.pdf
https://resources.infosecinstitute.com/topic/powershell-for-pentesters-part-5-remoting-with-powershell/
https://pentestn00b.wordpress.com/2016/08/22/powershell-psremoting-pwnage/
https://kalilinuxtutorials.com/evil-winrm-hacking-pentesting/
https://www.rapid7.com/DB/MODULES/EXPLOIT/WINDOWS/LOCAL/POWERSHELL_REMOTING/
https://www.youtube.com/watch?v=tVgJ-9FJKxE&ab_channel=Hak5
https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md
https://www.youtube.com/watch?v=KKfrjTlm5LI&ab_channel=InfoSecAddicts
https://hackersinterview.com/OSCP/REVERSE-SHELL-ONE-LINERS-OSCP-CHEATSHEET/
https://www.offensive-security.com/offsec/kali-linux-powershell-pentesting/
https://securityonline.info/reverse-powershell/
https://www.ired.team/miscellaneous-reversing-forensics/windows-kernel-internals/get-injectedthread
https://medium.com/@threatpointer/pentesting-powershell-remoting-fa605ef325d4
https://medium.com/@subhammisra45/lateral-movement-powershell-remoting-89da402a9885
https://posts.specterops.io/offensive-lateral-movement-1744ae62b14f
https://pt.slideshare.net/kieranjacobsen/lateral-movement-with-power-shell-2
https://www.ired.team/offensive-security/lateral-movement/wmi-+-powershell-desired-state-configuration-lateral-movement
https://gennaromigliaccio.com/LATERAL-MOVEMENT-TACTICS-AND-TECHNIQUES
https://www.snaplabs.io/insights/lateral-movement-methods-and-good-practices
https://gist.github.com/jaredcatkinson/c95fd1e4e76a4b9b966861f64782f5a9
https://attack.mitre.org/software/S0029/
https://www.offensive-security.com/metasploit-unleashed/psexec-pass-hash/
https://www.contextis.com/us/blog/lateral-movement-a-deep-look-into-psexec
https://www.mindpointgroup.com/blog/lateral-movement-with-psexec
https://redcanary.com/blog/threat-hunting-psexec-lateral-movement/
https://medium.com/@upadhyay.varun/pass-the-hash-attack-b0f214b2884a
https://periciacomputacional.com/windows-account-hijacking-psexec-e-suas-possibilidades/
https://pentestlab.blog/tag/psexec/
https://www.poftut.com/use-psexec-tools-run-commands-get-shell-remote-windows-systems/
https://www.ired.team/offensive-security/lateral-movement/lateral-movement-with-psexec
https://www.varonis.com/blog/how-to-use-powershell-for-privilege-escalation-with-local-computer-accounts/
https://github.com/frizb/Windows-Privilege-Escalation
https://www.youtube.com/watch?v=-sBXN-cGUD0&ab_channel=PentesterAcademyTV
https://hakin9.org/privesccheck-privilege-escalation-enumeration-script-for-windows/
https://githacktools.blogspot.com/2019/04/winroothelper-windows-privilege-escalation-powershell-script.html
https://www.hackingarticles.in/window-privilege-escalation-automated-script/
https://www.youtube.com/watch?v=bAnohAiAQ7U&ab_channel=SANSOffensiveOperations
https://www.youtube.com/watch?v=v0zYorQ0eEY&ab_channel=PowerShellEmpireTutorials
https://www.youtube.com/watch?v=dzJfiIw3kZE&ab_channel=Moss%C3%A9CyberSecurityInstitute
https://github.com/rmusser01/Infosec_Reference/blob/master/Draft/PrivescPostEx.md
https://pentestlab.blog/2017/08/19/COMMAND-AND-CONTROL-POWERSHELL/
https://enigma0x3.net/2014/01/17/command-and-control-using-powershell-and-your-favorite-website/
https://www.snaplabs.io/insights/command-and-control-with-powershell-empire-pt1
https://www.youtube.com/watch?v=OH-lcn5K9k8&ab_channel=Cover6Solutions
https://truneski.github.io/blog/2017/03/03/dropbox-command-and-control-over-powershell-with-invoke-dbc2/
https://www.cover6solutions.com/webinar-intro-to-c2-with-powershell-empire/
https://pentestlab.blog/2019/11/05/persistence-powershell-profile/
https://pentestlab.blog/2019/11/04/PERSISTENCE-SCHEDULED-TASKS/
https://github.com/emilyanncr/Windows-Post-Exploitation
https://adsecurity.org/?p=429
https://www.ired.team/offensive-security/exfiltration
https://www.hackingarticles.in/DATA-EXFILTRATION-USING-POWERSHELL-EMPIRE/
https://www.sans.org/webcasts/pen-testing-powershell-data-exfiltration-techniques-108740/
https://blog.stackattack.net/2019/03/14/quick-hit-base64-powershell-exfiltration/
https://www.sevenlayers.com/index.php/305-powershell-data-exfil

My Social Networks
https://www.linkedin.com/in/joas-antonio-dos-santos
https://twitter.com/C0d3Cr4zy