Phish domain user credentials with CredsLeaker with Powershell

CredsLeaker is a powershell script that phishes information from the user. It will popup a user authentication box – The script will check the details against the domain controller until it has valid credentials.  Normally this screen is pretty common in a domain scenario and the user may have seen this box before. Once CredsLeaker … Read morePhish domain user credentials with CredsLeaker with Powershell

Silently execute a PowerShell script with a C# application

One way of avoiding detection of your payloads is to embed your Powershell payload into a semi-legitimate executable. You can create an executable that for example, would launch Microsoft Office or Google Chrome and use the exact same icon. Using this method, you can act as a middle-man. Upon execution of the application it would … Read moreSilently execute a PowerShell script with a C# application