NULL_SEC>

Tag: powershell

  • Invoke-XORfuscation

    Invoke-XORfuscation

    Generate obfuscated PowerShell commands using XOR logic with random keys. Generate obfuscated PowerShell commands using XOR logic with random keys. Each variable as well as the XOR key is randomly generated. The resulting code is a PowerShell one-liner (or entire…

  • Invoke-Mathfuscation – GitHub

    Invoke-Mathfuscation – GitHub

    A quick command line utility that converts individual characters of an input string into char values. It then takes a user-supplied number value and uses it to obfuscate the individual char values. Lastly, it outputs a simple obfuscated one-liner using…

  • IP-Obfuscator

    IP-Obfuscator

    This PowerShell script takes a standard IPv4 address and obfuscates it using several methods. Each method “should” be interpreted correctly using a console, browser, or compiler. The script supports several conversion methods such as decimal, several hexadecimal conversions, mixed notation…

  • Analysis of Malicious PDF attachments delivering XWorm Payloads

    Analysis of Malicious PDF attachments delivering XWorm Payloads

    Let’s dive into an interesting attack campaign which attempts to lure unsuspecting victims into downloading and running an Adobe “plugin” in order to deliver a RAT (remote access trojan) known as XWorm. Despite its name, XWorm functions as a RAT…