Skip to content
This repository has been archived by the owner on Jan 23, 2024. It is now read-only.

Releases: cfalta/PowerShellArmoury

PSArmoury 2.0

25 Feb 20:51
@cfalta cfalta
2.0
958b233
Compare
Choose a tag to compare
PSArmoury 2.0 Latest
Latest

New major version that introduces, besides a lot of cleanup, a modular design for evasion and obfuscation code. The goal is to make PSArmoury more easy to adapt.

Details:

[fixed] Current loader detected by AV on disk
[fixed] Current deobfuscation method (AES) detected through AMSI
[fixed] Fixed a bug in -VerifyOnly that led to a silent fail
[fixed] Broken link in default config

[new] Modular design for evasion and obfuscation
[new] Reduced size of the cleartext loader function on disk to a minimum
[new] 3 different obfuscation templates included
[new] ConvertTo-PowerShell now supports private main methods (thanks @theluemmel)
[new] Used ParameterSets to improve quality of Powershell help menu (aka. "man New-PSArmoury")
[new] Github credentials can now be passed as a parameter - no more prompting

[removed] Support for BlockDLL process mitigation

Assets 2
Loading

PSArmoury 1.6

21 Jul 15:38
@cfalta cfalta
1.6
4c31c4a
Compare
Choose a tag to compare
PSArmoury 1.6

[new] introducing Invoke-Shuffle.ps1 - a new utility script for code obfuscation
[fixed] modified AMSI bypass and decryption stub to prevent detection by Windows Defender

Assets 2
Loading

PSArmoury 1.5

24 Jan 21:35
@cfalta cfalta
1.5
dc58de2
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PSArmoury 1.5

[new] new json config - WARNING: BREAKING CHANGE! - old config formats will no longer work. Have a look at the README.
[new] New-PSArmoury will now run a config syntax check by default (like -ValidateOnly)
[new] GZIP compression is here, typically armoury size reduced by at least 50% percent
[new] finally wrote a useful readme... yeah, I know...
[fixed] UTF8 with BOM will no longer cause issues

Assets 2
Loading

PSArmoury 1.4

17 Jan 09:44
@cfalta cfalta
1.4
37765de
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
PSArmoury 1.4

[new] Added support for BlockDLL process mitigation policy to enhance armoury protection

Assets 2
Loading

PSArmoury 1.3

15 Dec 14:12
@cfalta cfalta
1.3
e8b1568
Compare
Choose a tag to compare
PSArmoury 1.3

New release for Andi ❤️
[new] choose Github branch in config file (dev/master/...) --> have a look at the sample config
[new] simply create armoury from local file or folder without the need to create a config file
[new] every armoury now contains an inventory function called Get-PSArmoury, so you know what's inside

Assets 2
Loading

PSArmoury 1.2

17 Nov 20:11
@cfalta cfalta
1.2
0339991
Compare
Choose a tag to compare
PSArmoury 1.2

Added a small change to disable PS History automatically, which sadly bypasses some EDR solutions ;-)

Assets 3
Loading

PSArmoury 1.1

05 Oct 18:25
@cfalta cfalta
1.1
631e8de
Compare
Choose a tag to compare
PSArmoury 1.1

Small modifications regarding AMSI bypass. Updated tools inside.

Assets 3
Loading

PSArmoury 1.0

13 Jan 16:37
@cfalta cfalta
1.0
8371dad
Compare
Choose a tag to compare
PSArmoury 1.0 
Adapted config
Assets 3
Loading