Load into memory and execute an arbitrary command execution payload in PowerShell

HxD – Freeware Hex Editor and Disk Editor

HxD is a carefully designed and fast hex editor which, in addition to raw disk editing and modifying of main memory (RAM), handles files of any size.

The easy-to-use interface offers features such as searching and replacing, exporting, checksums/digests, insertion of byte patterns, a file shredder, concatenation or splitting of files, statistics and much more.

Editing works like in a text editor, with a focus on simple and task-oriented operation; as such, functions were streamlined to hide differences that are purely technical.
For example, drives and memory are presented similarly to a file and are shown as a whole, in contrast to a sector/region-limited view that cuts off data which potentially belongs together. Drives and memory can be edited the same way as a regular file, including support for undo. In addition, memory sections define a foldable region, and inaccessible sections are hidden by default.

Furthermore, a lot of effort was put into making operations fast and efficient, instead of forcing you to use specialized functions for technical reasons or arbitrarily limiting file sizes. This includes a responsive interface and progress indicators for lengthy operations.

More information

https://mh-nexus.de/en/hxd/

Take a screenshot using a graphical interface created with PowerShell

Run Google Chrome using Start-Process in Base64

Open a Twitter account and take screenshots of the tweets

Get the color of a pixel and store it in an HTML file

Windows Post Exploitation Cmdlets Execution (PowerShell)

Presence

This section focuses on information gathering about the victim host and the network that it’s attached to.

System

WMI

Networking

Users

Configs

Finding important files

Files to pull

Remote system access

Software

Auto-Start directories


Persistence

This section focuses on gaining a foothold to re-gain, or re-obtain access to a system through means of authentication, backdoors, etc.

Download

Compress or expand ZIP archive

Reg command exit

Deleting logs

Uninstalling software "Antivirus"

Invasive or altering commands

Split a screenshot into sectors