Installing Gallium OS + Pen-Testing tools on Stock Chromebook

A while back I picked up an Acer Chromebook 14 as an inexpensive laptop I could use around the house or lug along on trips without being overly paranoid I’d break it, lose it, or have it stolen.  I did initially look into installing Linux on it after having it a few months but firmware support was very sketchy with newer Braswell Chromebooks at the time so I put it on the back burner for a while.  I did toy around with using Crouton but performance was frustratingly bad and didn’t seem worth the bother to me. Continue reading “Installing Gallium OS + Pen-Testing tools on Stock Chromebook”

Obfuscating PowerShell Commands using Invoke-Obfuscation

Source: https://github.com/danielbohannon/Invoke-Obfuscation

Thanks to one of Dave Kennedy’s talks for making me aware of this tool for obfuscating PowerShell code.  As PowerShell is used more and more in attacks the higher the likelihood there is for defenders to attempt to detect malicious commands or look for specific strings.  To evade these detection techniques we can try to encode our commands to make them much harder to detect.

I’ll use the previous Bash Bunny Payload as an example with this tool.

Continue reading “Obfuscating PowerShell Commands using Invoke-Obfuscation”