Nishang

Nishang is a powerful PowerShell framework designed for offensive security, penetration testing, and red teaming. It comprises a collection of scripts and payloads that enable the use of PowerShell during various phases of penetration tests.

Key features include:

• In-Memory Execution: Scripts are designed for in-memory execution, evading traditional AV detection.
• Versatile Payloads: Offers a wide range of payloads, including reverse shells, keyloggers, and credential harvesting tools.
• Active Directory Exploitation: Includes scripts for modifying AD objects and setting DCShadow permissions.
• Client-Side Attacks: Tools for creating infected files (CHM, Word, Excel, HTA) for phishing campaigns.
• Privilege Escalation: Scripts to bypass UAC and escalate privileges to SYSTEM.
• Exfiltration Techniques: Methods for data exfiltration via Gmail, Pastebin, web servers, and DNS.
• Post-Exploitation Modules: Tools for pivoting, network relaying, and gathering sensitive information.

Nishang is a valuable asset for security professionals seeking to leverage PowerShell for red team engagements and comprehensive security assessments.