Skip to content
/ x86-PowerShell-Memory-Injection-Script Public

A simple, obfuscated in-memory injection script written in PowerShell that bypasses Windows Defender

License

MIT license
3 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Sn1r/x86-PowerShell-Memory-Injection-Script

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

LICENSE

LICENSE

 
 

README.md

README.md

 
 

script.ps1

script.ps1

 
 

Repository files navigation

x86 PowerShell Memory Injection Script

A simple, obfuscated in-memory injection script written in PowerShell that bypasses Windows Defender (according to the time of writing this). Works only by using the x86 version of PowerShell

Disclaimer

⚠️ This code won't be used for illegal purposes. Use it responsibly for education only

Usage

First, make sure you have ExecutionPolicy set to "Unrestricted"

Get-ExecutionPolicy -Scope CurrentUser

If not, set it like this

Set-ExecutionPolicy Unrestricted -Scope CurrentUser

Then, run your script while opening PowerShell x86 by simply:

.\code.ps1

ℹ️ Don't forget to edit the "shellcode goes here" placeholder to your own custom shellcode or to a msfvenom payload

About

A simple, obfuscated in-memory injection script written in PowerShell that bypasses Windows Defender

Topics

reverse-shell powershell-script antivirus-evasion antivirus-bypass

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages