PowerSploit
PowerSploit is a PowerShell post-exploitation framework consisting of scripts for authorized penetration tests. It provides modules for various post-exploitation tasks across multiple categories.
Description
PowerSploit is a series of Microsoft PowerShell scripts designed for use in post-exploitation scenarios during authorized penetration tests. The framework is organized into directories covering different aspects of post-exploitation activities, including AntivirusBypass, CodeExecution, Exfiltration, Persistence, PETools, Recon, and ScriptModification.
On Kali Linux the tool is installed under /usr/share/powersploit/, which contains the PowerShell module files PowerSploit.psd1 and PowerSploit.psm1 along with a README.md. It supports advanced Windows attack techniques relevant to penetration testing curricula such as PEN-200.
PowerSploit aids red team operations by providing scripted capabilities for maintaining access, escalating privileges, and extracting data in Windows environments.
How It Works
PowerSploit operates as a PowerShell module framework whose scripts are grouped into functional directories: Recon for information gathering, Persistence for maintaining access, Exfiltration for data theft, and CodeExecution for running payloads. Because the scripts run inside PowerShell on the Windows target, they use the interpreter's own execution capabilities to perform post-exploitation techniques, bypass defenses, and support authorized pentesting activities.
Installation
sudo apt install powersploit
Flags
Examples
ls -l /usr/share/powersploit/
powersploit -h
sudo apt install powersploit
cat /usr/share/powersploit/README.md
ls /usr/share/powersploit/Recon
ls /usr/share/powersploit/Persistence
ls /usr/share/windows-resources/powersploit