Top 3 PowerShell Malware Projects

WiFi-password-stealer

1 323 6.9 PowerShell

Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).

Project mention: Show HN: BadUSB that can exfiltrate stored WiFi passwords | news.ycombinator.com | 2023-10-08

Trawler

6 288 5.2 PowerShell

PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.

Project mention: Non-SysAdmin Use Cases for PowerShell? Basically, any use cases NOT involving network, RDP, system config, IT/LAN admin type stuff? | /r/PowerShell | 2023-05-10

I use it for DFIR work - example - https://github.com/joeavanzato/Trawler

WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
VBoxCloak

3 256 2.8 PowerShell

A PowerShell script that attempts to help malware analysts hide their Windows VirtualBox Windows VM's from malware that may be trying to evade analysis. Guaranteed to bring down your pafish ratings by at least a few points ;)

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).