Winpayloads is a tool to provide undetectable Windows payload generation with persistence, UAC bypass and on-execution checks.
Features:
+UACBypass – PowerShellEmpire
+PowerUp – PowerShellEmpire
+Invoke-Shellcode
+Invoke-Mimikatz
+Invoke-EventVwrBypass
+Persistence – Adds payload persistence on reboot
+Psexec Spray – Spray hashes until successful connection and psexec payload on target
+Upload to local webserver – Easy deployment
+PowerShell stager – allows invoking payloads in memory & more
Winpayloads can also set up a SimpleHTTPServer to put the payload on the network so that it can be downloaded on the target machine. It also has a psexec feature that will execute the payload on the target machine if supplied with usernames, domain, passwords or hashes.
Installation
git clone https://github.com/nccgroup/winpayloads.git
cd winpayloads
./setup.sh will set up everything needed for Winpayloads
Start Winpayloads: ./Winpayloads.py
Type ‘help’ or ‘?’ to get a detailed help page
Downloads and further info
https://github.com/nccgroup/Winpayloads