powerhub

We have hosted the application powerhub in order to run this application in our online workstations with Wine or directly.

Quick description about powerhub:

PowerHub is a post-exploitation tool with a web-application front end that helps penetration testers deploy PowerShell-based payloads in stealthy ways. It is designed to assist in bypassing endpoint protection and application whitelisting by providing fileless / in-memory execution, encrypted/obfuscated payload delivery, and module management. It supports features for transferring output/data back via the webapp or CLI, supports certificate pinning, AMSI bypass, and offers helper routines for invoking common offensive/recon tools via modules.

Features:

• Fileless and stateless execution of code/payloads so fewer artifacts on disk
• RC4 (and AES etc.)-based string obfuscation of payloads / download cradles to reduce detection
• Choice / multiple AMSI (Antimalware Scan Interface) bypasses to try to evade different endpoint protection setups
• Certificate pinning, TLS transport, out-of-band or embedded key exchange for encrypted communication between client & server
• Module management: ability to load modules (PowerShell, PE, .NET etc.), lazy loading, preloaded modules, transparent aliasing etc.

Programming Language: PowerShell.
Categories: