Nishang: Using PowerShell for penetration testing

Nishang is a framework, and a collection of scripts and payloads which enables PowerShell usage for offensive security, penetration testing and red teaming.
The tool is the brainchild of information security researcher Nikhil Mittal, who created it after realizing he needed something custom for his penetration testing engagements, and later decided to share it with the community through GitHub.

“The wide use of Windows as server and user desktop in the enterprise made PowerShell an attractive target. I was taken aback with the ease with which various penetration testing tasks can be performed with PowerShell,” Mittal told Help Net Security.

Nishang future plans

Mittal is currently working on bypassing various restrictions such as AppLocker whitelisting and Windows 10 AMSI. Nishang users will soon see scripts related to Active Directory and SQL Server.

“In the long term, I would like the tool to be able to handle multiple connect backs (reverse shells) from a PowerShell console,” says Mittal.

If you’re at Black Hat USA 2016 in Las Vegas this week, you can see Nishang in action at the Arsenal.
