Nishang is an open source framework and collection of powerful PowerShell scripts and payloads that you can use during penetration testing audit, post exploitation phase or other stages of offensive security auditing. Nishang is useful during various phases of a security auditing process and has many scripts categorized into logical categories such as information gathering, scanning, privilege elevation etc.
PowerShell Penetration Testing Framework Usage:
Import all scripts in the current PowerShell session (PowerShell v3 onwards).
C:\nishang> Import-Module .\nishang.psm1
Use the individual scripts with dot sourcing.
C:\nishang> . C:\nishang\Gather\Get-Information.ps1 C:\nishang> Get-Information
To get help about any script or function, use:
C:\nishang> Get-Help [scriptname] -full
Note: Help is available for the function loaded after running a script but not the script itself – since version 0.3.8. The function names are the same as script names.
For example, to see the help about Get-WLAN-Keys.ps1, use
C:\nishang> . C:\nishang\Get-WLAN-Keys.ps1 C:\nishang> Get-Help Get-WLAN-Keys -Full
Leave a Reply