{
	"id": "1677dde8-62b0-47d4-83ea-a0d0990a924d",
	"created_at": "2026-04-06T00:06:18.712388Z",
	"updated_at": "2026-04-10T03:20:03.916047Z",
	"deleted_at": null,
	"sha1_hash": "ed92d7ebe1e12dfdf5d0e8befada7dd610d16b89",
	"title": "GitHub - Exploit-install/PSAttack-1: A portable console aimed at making pentesting with PowerShell a little easier.",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 86299,
	"plain_text": "GitHub - Exploit-install/PSAttack-1: A portable console aimed at\r\nmaking pentesting with PowerShell a little easier.\r\nBy Jared Haight\r\nArchived: 2026-04-02 12:40:57 UTC\r\nPS\u003eAttack\r\nbuild passing\r\nA portable console aimed at making pentesting with PowerShell a little easier.\r\nWhat is it\r\nPS\u003eAttack combines some of the best projects in the infosec powershell community into a self contained custom\r\nPowerShell console. It's designed to make it easy to use PowerShell offensively and to evade antivirus and\r\nIncident Response teams. It does this with in a couple of ways.\r\n1. It features powerful tab-completion covering commands, parameters and file paths.\r\n2. A custom command \"get-attack\" is included that helps you find the attack that you're looking for.\r\n3. It doesn't rely on powershell.exe. Instead it calls powershell directly through the .NET framework. This\r\nmakes it harder for enterprieses to block.\r\n4. The modules that are bundled with the exe are encrypted. When PS\u003eAttack starts, they are decrypted into\r\nmemory. The unencrypted payloads never touch disk, making it difficult for most antivirus engines to catch\r\nthem.\r\nPS\u003eAttack contains over 100 commands for Privilege Escalation, Recon and Data Exfilitration. It does this by\r\nincluding the following modules and commands:\r\nPowersploit\r\nInvoke-Mimikatz\r\nGet-GPPPassword\r\nInvoke-NinjaCopy\r\nInvoke-Shellcode\r\nInvoke-WMICommand\r\nVolumeShadowCopyTools\r\nPowerTools\r\nPowerUp\r\nPowerView\r\nNishang\r\nGupt-Backdoor\r\nDo-Exfiltration\r\nDNS-TXT-Pwnage\r\nhttps://github.com/Exploit-install/PSAttack-1\r\nPage 1 of 3\n\nGet-Infromation\r\nGet-WLAN-Keys\r\nInvoke-PsUACme\r\nPowercat\r\nInveigh\r\nIt also comes bundled with get-attack , a command that allows you to search through the included commands\r\nand find the attack that you're looking for.\r\nYou can find a list of commands included in PS\u003eAttack here\r\nHow to use it\r\nPS\u003eAttack is available as a pre-compiled binary on the releases tab. No setup or install is required, you can just\r\ndownload it and run.\r\nAnother option is to use the PS\u003eAttack Build Tool. The build tool handles downloading PS\u003eAttack, updating the\r\nmodules to the latest versions, encrypting them with a unique key and then compiling the whole thing. The end\r\nhttps://github.com/Exploit-install/PSAttack-1\r\nPage 2 of 3\n\nresult is a custom version of PS\u003eAttack that has all the latest tools and a custom file signature thanks to the unique\r\nkey.\r\nOf course, you can also just clone the repo and compile the code yourself. You can use Visual Studio Community\r\nEdition to work with it and compie it.\r\nContact Info\r\nIf you have any questions or suggestions for PS\u003eAttack, feel free to submit an issue or you can reachout on twitter\r\nor via email: jaredhaight at prontonmail.com\r\nGr33tz\r\nPS\u003eAttack was inspired by and benefits from a lot of incredible people in the PowerShell community. Particularly\r\nmattifiestation of PowerSploit and sixdub, engima0x3 and harmj0y of Empire. Besides writing the modules and\r\ncommands that give PS\u003eAttack it's punch, their various projects have inspired a lot of my approach to this project\r\nas well as my decision to try and contribute something back to the community.\r\nA huge thank you to Ben0xA, who's PoshSecFramework was used to figure out a lot of things about how to build\r\na powershell console.\r\nSource: https://github.com/Exploit-install/PSAttack-1\r\nhttps://github.com/Exploit-install/PSAttack-1\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://github.com/Exploit-install/PSAttack-1"
	],
	"report_names": [
		"PSAttack-1"
	],
	"threat_actors": [],
	"ts_created_at": 1775433978,
	"ts_updated_at": 1775791203,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/ed92d7ebe1e12dfdf5d0e8befada7dd610d16b89.pdf",
		"text": "https://archive.orkl.eu/ed92d7ebe1e12dfdf5d0e8befada7dd610d16b89.txt",
		"img": "https://archive.orkl.eu/ed92d7ebe1e12dfdf5d0e8befada7dd610d16b89.jpg"
	}
}