PowerMemory: extract credentials from Windows memory

Also in user-land

Like Mimikittenz, PowerMemory uses PowerShell to access Windows memory in user-land and extracts the credentials stored in RAM: The method is totally new. It proves that it can be extremely easy to get credentials or any other information from Windows memory without needing to code in C-type languages. In addition, with this…

PowerShellArsenal, a PowerShell module for reverse engineering

Powerful and easy to use

PowerShellArsenal is a useful PowerShell module that can be used to perform reverse engineering activities on .NET assemblies, such as disassembling code, performing .NET malware analysis and analyzing memory. PowerShellArsenal is comprised of the following tools: Disassembly — Disassemble native and managed code. MalwareAnalysis — Useful tools when performing malware analysis. MemoryTools — Inspect and analyze process memory. Parsers — Parse file…

PowerUpSQL, a PowerShell Toolkit for discovering and auditing SQL Server

Discovery, auditing… and some vulnerability checks

Developed by Scott Sutherland, PowerUpSQL is a PowerShell module intended to be used during internal penetration tests. It performs discovery, inventory, auditing for common weak configurations, and privilege escalation checks at scale on SQL Server. From the official GitHub repository: PowerUpSQL was designed with six objectives in mind: Easy Server Discovery: Discovery…