Nishang - Post Exploitation Powershell toolkit 03-12-2015, 12:55 AM
#1
NISHANG
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Link to the GitHub:
https://github.com/samratashok/nishang
Notes from the developer:
Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and during Penetration Tests. Nishang is useful during various phases of a penetration test and is most powerful for post exploitation usage.
Notes from myself:
The scripts provided from the nishang toolkit work fairly well, and provide quick and easy methods of persistence on an exploited host when you are in a pinch, considering that these scripts run natively on all Windows (7 and above) hosts with very little configuration or prep time.
While I really enjoy these scripts, it's important to note that these scripts are louder when compared to some of the alternatives I have worked with. Several of these scripts may trigger logged events that must be purged and almost all of them require a running process in some form or another. Antak will address some of these issues... But I have personally had some mixed results with these additions.
Pitfalls:
- Some of the more useful tools require administrative access (So priv escalation is essential!)