Skip to content
/ Powershell_Fernet_Obfuscator Public

A script to obfuscate powershell payloads , bypassing AMSI.dll and Windows Defender

37 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

1captainnemo1/Powershell_Fernet_Obfuscator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
empire_fernet_ps.png
empire_fernet_ps.png
 
 
empirepay.ps1
empirepay.ps1
 
 
pspyfernet_obs.py
pspyfernet_obs.py
 
 

Repository files navigation

Powershell_Fernet_Obfuscator

A python Code to obfuscate any non-fud Powershell payload and generate a ready to use FUD Python executable script

Powershell_Fernet_Obfuscator

This is a tool to Obfuscate any existing powershell non fud payload(empire,unicorn,SET PS vector) and , in the process will create a FUD python ready to use script that can be used to perform different tasks.

In this Example I have shown how a non Fud Empire PS payload reverse shell , can be obfuscated to bypass AMSI.dll check and evade Windows defender .

Virustotal detection results : https://www.virustotal.com/gui/file/8b9ec6a026f49d4db1d89f6f5060857eb335a8decbd04642a13c28220600aac3/detection

Please do not upload to virus total.

Usage : python pspyfernet_obs.py nonfudpspayload.ps1

This Will generate the FUD payload.

Watch The Youtube Video for Clarification

to_video

About

A script to obfuscate powershell payloads , bypassing AMSI.dll and Windows Defender

Resources

Readme
Activity

Stars

37 stars

Watchers

3 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages