PSPunch is An offensive Powershell console aimed at making Windows pentesting a little easier.
What is it?
PSPunch combines some of the best projects in the infosec powershell community into a self contained executable. It’s designed to evade antivirus and Incident Response teams.
– It doesn’t rely on powershell.exe. Instead it calls powershell directly through the dotNet framework.
– The modules that are bundled with the exe are encrypted. When PSPunch starts, they are decrypted into memory. The unencrypted payloads never touch disk, making it difficult for most antivirus engines to catch them.
Offensively, PSPunch contains commands for Privilege Escalation, Recon and Data Exfilitration. It does this by including the following modules and commands:
How to use it:
PSPunch works best when you generate your own version through PSAttack. PSAttack will handle downloading PSPunch, updating the modules to the latest versions, encrypting them with a custom key and then compiling the whole thing into an executable.
If you want to just try PSPunch, you can download a compiled release from the releases tab. This binary will work, but the modules may be out of date and the encrypted files aren’t custom so they’re going to be much easier to spot by AV or IR teams.
Of course, you can also just clone the repo and compile the code yourself. You can use Visual Studio Community Edition to work with it and compie it.om U
Note From US:
– you can modify PSPunch dot sln file(Visual C# Project File) if you use x86 or Window 32Bit before build into exe file!!