Nishang 0.3.0 released - Penetration Testing Using PowerShell

Nishang is a framework and collection of scripts and payloads which enables usage of PowerShell for offensive security and post exploitation during Penetraion Tests. The scripts are written on the basis of requirement by the author during real Penetration Tests.

PAYLOADS

It contains many interesting scripts like download and execute, keylogger, dns txt pwnage, wait for command and much more.

HELP

All payloads and scripts are Get-Help compatible. Use "Get-Help <scriptname.ps1> -full" on a PowerShell prompt to get full help details.

LATEST CODE

Checkout svn repo for latest code

svn checkout http://nishang.googlecode.com/svn/trunk/ nishang

More details on my blog http://labofapenetrationtester.blogspot.com

CHANGELOG

• Added Powerpreter
• Added Execute-DNSTXT-Code
• Bug fix in Create-MultipleSessions.
• Changes to StringToBase64. It now supports Unicode encoding which makes it usable with -Encodedcommand
• More Changes to StringToBase64. Now a file can be converted.
• Added Copy-VSS
• Information_Gather shows output in better format now.
• Information_Gather renamed to Get-Information.
• Wait for command renamed to HTTP-Backdoor.
• Time_Execution renamed Execute-OnTime
• Invoke-PingSweep renamed to Port-Scan
• Invoke-Medusa renamed to Brute-Force

Download -

nishang_0.3.0.zip

Download other versions from here

Some blog posts to check out to begin with:

http://labofapenetrationtester.blogspot.in/2012/08/introducing-nishang-powereshell-for.html

http://labofapenetrationtester.blogspot.in/2013/08/powerpreter-and-nishang-Part-1.html

Source-

https://code.google.com/p/nishang/