Atakowanie powershell

8 January 2019

Source: https://github.com/trustedsec/unicorn

https://www.trustedsec.com/2018/06/weaponizing-settingcontent/

Magic Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory.

Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.