- Kali Linux or Parrot OS
- Invoke-Obfuscation
GitHub Repository: https://github.com/danielbohannon/Invoke-Obfuscation
IMPORTANT: The target users should be able to execute PowerShell scripts; otherwise, we will not be able to execute the obfuscated/encoded PowerShell scripts.
Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator. It's a handy little tool that can help you hide your malicious PowerShell scripts from the prying eyes of antivirus software.
You can use this tool to obfuscate and disguise your malicious PowerShell scripts. PowerShell scripts are more likely to slip past AV detection, as the code is running in an interpreter and it is difficult to tell whether the code is malicious.
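From the defender's side, obfuscation of this kind leaves syntactic traces in logged command lines and script-block text. The following is an added example (not part of the original page or of Invoke-Obfuscation) that flags a few such indicators and decodes one layer of -EncodedCommand before re-scanning; the thresholds, function names and sample strings are assumptions constructed for illustration.

```python
import base64
import re

# Thresholds are illustrative assumptions, not tuned values.
TICK_MIN, CONCAT_MIN, FORMAT_MIN, SPECIAL_MAX = 3, 3, 3, 0.30
B64 = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

def encoded_payload(script):
    """Return the decoded -EncodedCommand argument, or None if there is none."""
    tokens = script.split()
    for flag, arg in zip(tokens, tokens[1:]):
        f = flag.lower()
        is_flag = f == "-ec" or (len(f) >= 2 and "-encodedcommand".startswith(f))
        if is_flag and B64.fullmatch(arg):
            try:
                return base64.b64decode(arg, validate=True).decode("utf-16-le")
            except (ValueError, UnicodeDecodeError):
                return ""  # flag present, but payload is not clean UTF-16LE base64
    return None

def obfuscation_indicators(script):
    """List the heuristic indicators that fire for one logged script or command line."""
    hits = []
    special = sum(1 for ch in script if not ch.isalnum() and not ch.isspace())
    if script.count("`") >= TICK_MIN:
        hits.append("tick-escapes")
    if len(re.findall(r"['\"]\s*\+\s*['\"]", script)) >= CONCAT_MIN:
        hits.append("string-concatenation")
    if len(re.findall(r"\{\d+\}", script)) >= FORMAT_MIN:
        hits.append("format-reordering")
    if script and special / len(script) > SPECIAL_MAX:
        hits.append("special-char-ratio")
    inner = encoded_payload(script)
    if inner is not None:
        hits.append("encoded-command")
        # Decode one layer and re-scan, so nested tricks are reported too.
        hits += ["inner:" + h for h in obfuscation_indicators(inner)]
    return hits

# Constructed, benign samples (not taken from the page or from the tool's output).
PLAIN = r"Get-ChildItem -Path C:\Temp | Where-Object { $_.Length -gt 1MB } | Sort-Object Length"
TICKED = "Wr`i`te-Ou`tp`ut 'hello'"
CONCAT = "& ('Wr'+'ite'+'-Ou'+'tput') 'hello'"
ENCODED = "powershell.exe -NoP -enc " + base64.b64encode(TICKED.encode("utf-16-le")).decode()

if __name__ == "__main__":
    for name, s in [("plain", PLAIN), ("ticked", TICKED), ("concat", CONCAT), ("encoded", ENCODED)]:
        print(name, obfuscation_indicators(s))
```

Heuristics like these produce false positives on legitimate scripts, so they are best used to rank PowerShell script-block log entries for review rather than to block outright.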
Setting Up Invoke-Obfuscation On Kali
We can run PowerShell scripts on Kali Linux by installing the PowerShell package.
Step 1: Install PowerShell on Kali Linux by running the following command:
sudo apt-get install powershell -y
Step 2: Now you can start a PowerShell session by running the following command:
pwsh
This will present you with a standard PowerShell prompt, where you can start running your PowerShell commands and scripts.
Step 3: Now clone the Invoke-Obfuscation GitHub repository, which contains the PowerShell scripts we need.
To do that, run the following command:
git clone https://github.com/danielbohannon/Invoke-Obfuscation.git
Step 4: Now that you have the Invoke-Obfuscation repository cloned on your Kali system, it is time to start using the tool. To do that, you will need to launch a PowerShell prompt and navigate to the cloned directory.
Once your PowerShell prompt is open, you can move into the Invoke-Obfuscation directory by running the following command:
cd Invoke-Obfuscation
And now you can execute the Invoke-Obfuscation PowerShell script by running this command:
.\Invoke-Obfuscation.ps1
If you have followed the previous steps correctly, the Invoke-Obfuscation script should execute and you should be presented with a menu.