Nishang - HackDB

Submit your favorite resources for free.

Recent Category Tag Pricing Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

The Ultimate Directory for Offensive Security

Resources

Recent
Category

Home
Items
Nishang

Nishang

Nishang is a PowerShell framework for offensive security, penetration testing, and red teaming, useful in all phases of security assessments.

Visit Website Share on X

image of Nishang

Introduction

Information

Publisher
Admin
Websitegithub.com
Created date04/28/2025
Published date04/28/2025

Categories

Red Team Operations

Tags

Internal

More Resources

Listing

Pricing
FAQ
Submit

Pages

Home
Support
Sitemap
llms.txt

Company

About Us
Privacy Policy
Terms of Service

Copyright © 2026 All Rights Reserved.

image of IronPE

Exploit DevelopmentInfrastructure SecurityRed Team Operations

IronPE

Rust-based Windows PE manual loader supporting x86/x64. Implements manual mapping, base relocations, and import resolution for memory-based execution.

image of Lab401

Wireless SecurityPhysical SecurityRed Team OperationsReverse Engineering

Lab401

Premier hardware store for offensive security, providing Flipper Zero, Proxmark, Hak5 tools, SDR equipment, and specialized RFID cloning hardware.

Wireless Physical Internal

image of Swarmer

Red Team OperationsInfrastructure Security

Swarmer

Convert registry exports into NTUSER.MAN hive files to stealthily inject HKCU keys without admin rights, bypassing EDR/AV registry API monitoring.

Nishang is a powerful PowerShell framework designed for offensive security, penetration testing, and red teaming. It comprises a collection of scripts and payloads that enable the use of PowerShell during various phases of penetration tests.

Key features include:

In-Memory Execution: Scripts are designed for in-memory execution, evading traditional AV detection.
Versatile Payloads: Offers a wide range of payloads, including reverse shells, keyloggers, and credential harvesting tools.
Active Directory Exploitation: Includes scripts for modifying AD objects and setting DCShadow permissions.
Client-Side Attacks: Tools for creating infected files (CHM, Word, Excel, HTA) for phishing campaigns.
Privilege Escalation: Scripts to bypass UAC and escalate privileges to SYSTEM.
Exfiltration Techniques: Methods for data exfiltration via Gmail, Pastebin, web servers, and DNS.
Post-Exploitation Modules: Tools for pivoting, network relaying, and gathering sensitive information.

Nishang is a valuable asset for security professionals seeking to leverage PowerShell for red team engagements and comprehensive security assessments.