Phrozen InfoSec Tools - Papers

PowerBruteLogon is a ported version of WinBruteLogon in pure PowerShell

Notice that this version is slower than WinBruteLogon but has the advantage to be 100% coded in PowerShell. In a near future, I will try to implement jobs to improve the speed of logon testing.

Be aware that both WinBruteLogon and PowerBruteLogon are very noisy, each failed attempt will result in a new "Bad Logon" log entry on Windows.

For more information about the whole concept behind this project, please read the following article

Read more...

PowerAssembly

Map in current PowerShell Instance Memory .NET Assemblies from remote web server.

When Assembly is mapped, you can invoke it's main with a command line argument.

The advantage of this technique is to avoid having assemblies written on disk. Everything happens in memory.

I'm using this script during my penetration tests / labs right after getting an initial shell on Windows to load other .NET Tools (Ex: ShapHound, ShapUp etc..)

Read more...