CHANGELOG.txt

0.7.1
- Added Invoke-AmsiBypass to the Bypass directory.
0.7.0
- Added Invoke-SSIDExfil to the Gather directory. 
- Gupt-Backdoor can now receive commands from SSID names on targets having PowerShellv3 and above.
 - Added ConverTo-ROT13 to the Utility directory.
0.6.9
- Get-PassHashes now uses Reflection. Thanks to Zer1t0 on GitHub.
- Added Invoke-Mimikittenz by Jamieson O'Reilly
0.6.8
- Added Out-SCF in the Client directory.
0.6.7
- Added Out-JS.ps1 in the Client directory.
- Added Out-SCT.ps1 in the Client directory.
- Added Invoke-JSRatRegsvr.ps1 in the Shells directory.
- Added Out-RundllCommand in the Execution directory.
0.6.6
- Added Invoke-JSRatRundll in the Shells directory.
0.6.5
- Updated Out-Word, Out-Excel, Out-HTA and Out-CHM. Now, scripts can directly be used as a payload.
- Updated Out-Word and Out-Excel. If a new document is now generated it tries to trick the target in enabling macros.
- Out-HTA uses inline VBScript now. A separate VBScirpt is not generated anymore.
0.6.4
- Added ActiveDirecotry directory.
- Added Get-UnConstrained.ps1 to the ActiveDirectory directory.
- Added Invoke-Mimikatz (mimikatz version 2.1 alpha 17/02//2016) to the Gather Directory.
0.6.3
- Added Invoke-Interceptor to the MITM directory.
0.6.2
- Added support for dumping cleartext credentials from RDP sessions for Invoke-MimikatzWfigestDowngrade.
0.6.1
- Added Show-TargetScreen to the Gather directory.
0.6.0
- Added Invoke-PsUACme to the Escalation directory.
0.5.9
- Added Get-PassHints to the Gather directory.
- Added Out-WebQuery and Get-PassHints to Powerpreter.
0.5.8
- Added Out-WebQuery to the Client directory.
- Added Start-CaptureServer to the Utility directory.
0.5.7
- Invoke-PoshRatHttps does not install root certificate anymore and certificate pinning is used.
- Added a disclaimer.
- Minor bugs in Powerpreter are fixed.
- Updates to Antak. Authentication and ability to execute SQL Queries added.
- Name of Do-Exfiltration changed in HTTP-Backdoor, DNS_TXT_Pwnage and Execute-On-Time
- Removed hard coded credentials from Invoke-PSGcat.ps1 and Invoke-PSGcat in Powerpreter. So embarrassing!
0.5.6
- Added Invoke-PowerShellIcmp to the Shells directory.
- Adjusted buffer for Invoke-PowerarShellTcp and Invoke-PowerShellUdp and one liners to show larger output.
0.5.5
- Added Invoke-PowerShellWmi to the Shells directory. 
0.5.4
- Added Invoke-PoshRatHttps, Invoke-PosRatHttp and Remove-PoshRat to the Shells directory.
0.5.3
- Added Invoke-PowerShellUdp and Invoke-PowerShellUdpOneLiner to Shells directory.
0.5.2
- Added Invoke-PowerShellTcp and Invoke-PowerShellTcpOneLiner to Shells directory.
0.5.1
- Added Invoke-MimikatzWfigestDowngrade to Gather directory.
0.5.0.1
- Updated Powerpreter by adding Invoke_NetworkRelay and Gcat.
0.5.0
- Added Invoke-NetworkRelay to Pivot directory.
- Added Invoke-PsGcat and Invoke-PsGcatAgent to Shells directory.
0.4.4.2
- Brute-Force.ps1 renamed to Invoke-BruteForce.
- Brute-Force function renamed to Invoke-BruteForce in Powerpreter.
- Major changes to Invoke-BruteForce.
- Major changes to B
0.4.4.1
- Credentials script renamed to Invoke-CredentialsPhish.
- Bug fixes related to exfiltration in the Keylogger script.
- Execute-Command-MSSQL now supports Windows Authentication.
0.4.4
- Added Add-ScrnSaverBackdoor to the Backdoors directory.
- Download-Execute-PS now randomizes filename for the saved script.
- Added Invoke-ADSBackdoor (by Matt).
0.4.3
- Added Out-DnsTxt to Utility directory.
- Modifications to DNS_TXT_Pwnage and Execute-DNSTXT-Code to support multiple domains.
- Added Out-DnsTxt to Powerpreter.
- Updates to Powerpreter fucntions DNS_TXT_Pwnage and Execute-DNSTXT-Code.
0.4.2
- Powerpreter updated to include Client Side Attack functions and other bug fixes.
0.4.1
- Bug fixes to Out-Word and Out-Excel.
0.4.0
- Added scripts for Client Side Attacks
0.3.8.1
- Changes to Encoding and Compression methods acroos multiple scripts
- Bug fix in Get-LSASecrets.ps1
0.3.8
- Fixed help in all the scripts. Now, help is available for the loaded functions.
0.3.7
- Added Gupt-Backdoor to Backdoors.
0.3.6.6
- Changes to Download_Execute to make it work with authentication proxies.
0.3.6.5
- Minor changes to ExeToText.
0.3.6.4
- Get-PassHashes does not require SYSTEM privs anymore.
0.3.6.3
- Minor changes to Download-Execute-PS which now allows to pass arguments to scripts.
0.3.6.2
- Invoke-Encode can now output encoded command which could be used to execute scripts in a non-interactive shell.
0.3.6.1
- Powerpreter code made more readable.
- Powerpreter updated for recent changes done to other scripts in Nishang (Egress Testing, New Exfil methods, Bug fixes).
- Powerpreter persistence improved and bugs fixed.
- Bug fixes in HTTP-Backdoor and Execute_OnTime.
- Minor improvements to TextToExe and ExeToText scripts in Utility.
0.3.6
- Added Invoke-Encode.
- Changed compression and encoding methods used by Do-Exfitration, Backdoors, Invoke-Decode, Add-Exfiltration and Keylogger.
0.3.5
- Added Antak Webshell.
0.3.4
- Minor improvements in StringtoBase64.ps1
- Fixed a typo in Firelistener. Client port was not being displayed.
- All the scripts could be run using "dot source" now.
- All the scripts in Nishang could be loaded into current powershell session by importing Nishang.psm1 module.
- Added new exfiltration options, POST requests to Webserver and DNS txt queries.
- Removed exfiltration support for tinypaste.
- Exfiltration options have been removed from all scripts but Backdoors and Keylogger.
- Added Nishang.psm1
- Added Do-Exfiltration.ps1.
- Added Add-Exfiltration.ps1.
- Added Invoke-Decode.ps1.
- Removed Browse_Accept_Applet.ps1
0.3.3
- Minor bug fix in Copy-VSS.ps1
- Bug fix in Keylogger.ps1. It should log keys from a remote shell now (not powershell remoting).
0.3.2.2
- Download_Execute_PS.ps1 can now download and execute a Powershell script without writing it to disk.
- Execute_OnTime.ps1 and HTTP-Backdoor.ps1 executed the payload without downloading a file to disk.
- Fixed help in Brute-Force function in Powerpreter.
- Execute-OnTime, HTTP-Backdoor and Download-Execute-PS in Powerpreter now execute powershell scripts without downloading a file to disk.
- Added Firebuster.ps1 and Firelistener.ps1
0.3.2.1
- Fixed help and function name in Brute-Force.ps1
0.3.2
- Added Persistence to Keylogger, DNS_TXT_Pwnage, Execute_OnTime, HTTP-Backdoor and Powerpreter.
- Scirpts are now arranged in different directories.
- Added Add-Persistence.ps1 and Remove-Persistence.ps1
- Fixed minor bugs in scripts which use two parameterset.
- Invoke-NinjaCopy has been removed.
0.3.1
- Pivot now accepts multiple computers as input.
- Added Use-Session to interact with sessions created using Pivot.
0.3.0
- Added Powerpreter
- Added Execute-DNSTXT-Code
- Bug fix in Create-MultipleSessions.
- Changes to StringToBase64. It now supports Unicode encoding which makes it usable with -Encodedcommand.
- More Changes to StringToBase64. Now a file can be converted.
- Added Copy-VSS
- Information_Gather shows output in better format now.
- Information_Gather renamed to Get-Information.
- Wait for command renamed to HTTP-Backdoor.
- Time_Execution renamed Execute-OnTime
- Invoke-PingSweep renamed to Port-Scan
- Invoke-Medusa renamed to Brute-Force
0.2.9
- Run-EXEonRemote now accepts custom arguments for the executable.
- More examples added to the Keylogger.
0.2.8
- Fixed issues while using Get-LSASecret, Get-PassHashes, Get-WLAN-Keys and Information_Gather while using with Powershell v2
0.2.7
- DNS_TXT_Pwnage, Time_Execution and Wait_For_Command can now be stopped remotely. Also, these does not stop autmoatically after running a script/command now.
- DNS_TXT_Pwnage, Time_Execution and Wait_For_Command can now return results using selected exfiltration method.
- Fixed a minor bug in DNS_TXT_Pwnage.
- All payloads which could post data to the internet now have three options pastebin/gmail/tinypaste for exfiltration.
- Added Get-PassHashes payload.
- Added Download-Execute-PS payload.
- The keylogger logs only fresh keys after exfiltring the keys 30 times.
- A delay after success has been introduced in various payloads which connect to the internet to avoid generating too much traffic.
0.2.6
- Added Create-MultipleSessions script.
- Added Run-EXEonRemote script.
0.2.5
- Added Get-WLAN-Keys payload.
- Added Remove-Update payload.
- Fixed help in Credentials.ps1
- Minor changes in Donwload_Execute and Information_Gather.
0.2.1
- Added Execute-Command-MSSQL payload.
- Removed Get-SqlSysLogin payload
- Fixed a bug in Credentials.ps1
0.2.0
- Removed hard coded strings from DNS TXT Pwnage payload.
- Information Gather now pastes data base64 encoded, does not trigger pastebin spam filter anymore.
- Credentials payload now validates both local and AD crdentials. If creds entered could not be validated locally or at AD, credential prompt is shown again.
- Base64ToString now asks for a file containing base64 string. To provide a string in place of file use "-IsString" parameter.
- Browse_Accept_Applet now handles prompts for both 32 bit and 64 bit Internet Explorer. The wait time for the applet to load has also been increased .
- Added Enable_DuplicateToken payload.
- Added Get-LSASecret payload.
- Added Get-SqlSysLogin payload.
- Added Invoke-Medusa payload.
- Added Invoke-PingSweep payload.

0.1.1
- Fixed a bug in Parse_Keys. The function Parse_Keys was not being called.
- Changed help in Wait_For_Command.ps1
- Fixed a bug in Wait_For_Command. $MagicString was not being used instead a fixed string was matched to the result of $checkurl
- Removed delay in the credentials payload's prompt. Now the prompt asking for credentials will keep appearing instantly if nothing is entered.
- Added CHANGELOG to repo
- Removed hard coded credentials from Credentials.ps1 :| and edited the code to accept user input.