Evil-WinRM

A post-exploitation framework for Windows/AD pentesting that uses the WinRM management protocol.

Features:

  • Compatible with Linux and Windows client systems

  • Load PowerShell scripts in memory

  • Load DLL files in memory, bypassing some AVs

  • Load C# (C Sharp) assemblies in memory, bypassing some AVs

  • Load x64 payloads generated with the awesome donut technique

  • Dynamic AMSI Bypass to avoid AV signatures

  • Pass-the-hash support

  • Kerberos auth support

  • SSL and certificates support

  • Upload and download files with a progress bar

  • List remote machine services without privileges

Basic Usage

Connect to target:

evil-winrm -i [ip] -u user -p password

The shell is interactive and you can run system commands.

See options:

> menu

Upload/download:

upload/download [src] [dst]
