Evasion Invoke Obfuscation

Commands

	    ____                 __
	   /  _/___ _   ______  / /_____                         
	   / // __ \ | / / __ \/ //_/ _ \______                  
	 _/ // / / / |/ / /_/ / ,< /  __/_____/                  
	/______ /__|_________/_/|_|\___/         __  _           
	  / __ \/ /_  / __/_  ________________ _/ /_(_)___  ____ 
	 / / / / __ \/ /_/ / / / ___/ ___/ __ `/ __/ / __ \/ __ \
	/ /_/ / /_/ / __/ /_/ (__  ) /__/ /_/ / /_/ / /_/ / / / /
	\____/_.___/_/  \__,_/____/\___/\__,_/\__/_/\____/_/ /_/ 


# If not installed (In PowerShell)
powershell
cd Invoke-Obfuscation
Import-Module ./Invoke-Obfuscation.psd1
Invoke-Obfuscation

# In PowerShell
Invoke-Obfuscation

# Encode/encrypt the PowerShell script (.ps1) you want to obfuscate
SET SCRIPTPATH /home/.../something.ps1
ENCODING, AST, ...                    ---> Select the encoding option to obfuscate

# Send to the target and execute
python3 -m http.server                ---> Transfer the file

More information ---> https://www.youtube.com/watch?v=6xexyQwG7SY

What is Invoke-Obfuscation

Invoke-Obfuscation is a PowerShell script designed to obfuscate, or make difficult to understand, other PowerShell scripts or commands. It does this by using various techniques, such as replacing clear text with encoded or encrypted versions, or by rearranging the order and structure of the code. The goal of Invoke-Obfuscation is to make it more difficult for security analysts, malware researchers, or other parties to understand and analyze PowerShell scripts or commands that are being used for malicious purposes. Obfuscation can be used to conceal the true purpose of a script or command and make it more difficult for defenders to identify and mitigate potential threats. It is important to note that Invoke-Obfuscation is not a malicious tool in and of itself, but it can be used for malicious purposes if it is used to obfuscate malicious scripts or commands.

GOAL ---> Evade Windows Defender
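
Defender-side view of the transformations described above (encoded text, split and reordered strings), as an added example that is not part of the original notes and not code from the Invoke-Obfuscation project. It scores a logged script block for those traits; the indicator names, regexes, thresholds and sample lines are assumptions constructed for illustration.

```python
import re

# Indicator -> (pattern, minimum matches). Patterns and thresholds are
# assumptions for illustration; tune them against your own logs.
INDICATORS = {
    # backtick inside a token, ignoring real escapes such as `n or `t
    "tick_in_token": (re.compile(r"\w`(?![0abefnrtuv])[A-Za-z]"), 1),
    # literals glued together: 'Wr'+'ite'
    "string_concat": (re.compile(r"['\"]\s*\+\s*['\"]"), 3),
    # format string made only of placeholders: "{1}{0}" -f ...
    "format_reorder": (re.compile(r"(['\"])(?:\{\d+\}){2,}\1\s*-f", re.I), 1),
    # text rebuilt from character codes: [char]87
    "char_cast": (re.compile(r"\[char\]\s*\(?\s*(?:0x[0-9a-f]+|\d+)", re.I), 3),
    # explicit Base64 decoding call
    "base64_decode": (re.compile(r"FromBase64String", re.I), 1),
}
SYMBOL_RATIO_LIMIT = 0.40  # assumed cut-off for punctuation density


def symbol_ratio(script: str) -> float:
    """Share of non-whitespace characters that are neither letters nor digits."""
    visible = [c for c in script if not c.isspace()]
    return sum(not c.isalnum() for c in visible) / len(visible) if visible else 0.0


def analyze(script: str) -> dict:
    """Score one script block (e.g. the ScriptBlockText of a 4104 event)."""
    hits = {}
    for name, (pattern, minimum) in INDICATORS.items():
        count = len(pattern.findall(script))
        if count >= minimum:
            hits[name] = count
    ratio = round(symbol_ratio(script), 2)
    return {"hits": hits, "symbol_ratio": ratio,
            "suspicious": bool(hits) or ratio > SYMBOL_RATIO_LIMIT}


# Constructed, harmless samples: each obfuscated line is just Write-Host hello.
SAMPLES = {
    "plain": r"Get-ChildItem -Path C:\Users -Recurse | Where-Object { $_.Length -gt 1MB }",
    "ticks": "Wr`ite-H`ost 'hello'",
    "concat": "& ('Wr'+'ite'+'-Ho'+'st') ('hel'+'lo')",
    "reorder": "& (\"{1}{0}\" -f 'Host','Write-') 'hello'",
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(label, analyze(text))
```

Feed it the script text recorded by PowerShell script block logging; a hit is a reason to review the block, not proof of malicious intent.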