Author: Tim Peck (bobby_tablez)
-
Enable All The Logs!
This script automates enhancing logging telemetry on Windows hosts. It is designed specifically with threat detection in mind where logging is critical for detections in SIEM environments or in a lab setting for emulation, validation or for malware analysis. This…
-
Invoke-XORfuscation
Generate obfuscated PowerShell commands using XOR logic with random keys. Generate obfuscated PowerShell commands using XOR logic with random keys. Each variable as well as the XOR key is randomly generated. The resulting code is a PowerShell one-liner (or entire…
-
Py-BATCH-Fuscator
Obfuscate or Deobfuscate Batch Scripts using Encoding A set of Python scripts that uses a known method of batch script obfuscation by messing with the encoding. Simply pass in the encode/decode [-e/-d] parameter and file name ending in either .cmd…
-
Invoke-Mathfuscation – GitHub
A quick command line utility that converts individual characters of an input string into char values. It then takes a user-supplied number value and uses it to obfuscate the individual char values. Lastly, it outputs a simple obfuscated one-liner using…
-
IP-Obfuscator
This PowerShell script takes a standard IPv4 address and obfuscates it using several methods. Each method “should” be interpreted correctly using a console, browser, or compiler. The script supports several conversion methods such as decimal, several hexadecimal conversions, mixed notation…
-
Process Suspender – GitHub
A quick PowerShell utility which launches and immediately suspends a provided process for a specified amount of time. The script prompts for process name, amount of time in seconds to leave the process in a suspended state. Once the time…