home.social

#powershell — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #powershell, aggregated by home.social.

  1. Inside Banana RAT: From Build Server to Banking Fraud

    An MDR investigation successfully mapped the complete operational infrastructure of Banana RAT, a Brazilian banking trojan operated by threat cluster SHADOW-WATER-063. The investigation uncovered both server-side and client-side components, revealing a sophisticated FastAPI-based polymorphic payload generation system that produces hash-unique builds to evade detection. The malware employs layered obfuscation, AES-wrapped payloads, and fileless PowerShell execution. Once deployed, it enables operator-driven fraud through remote input control, keylogging, screen streaming, bank-branded overlays, and Pix QR code interception specifically targeting Brazilian financial institutions. The tooling exclusively targets 16 Brazilian banks and crypto exchanges, with all operator artifacts written in Brazilian Portuguese, indicating a financially motivated actor operating within the Tetrade banking trojan ecosystem.

    Pulse ID: 6a0ce3af84b924ad15e27920
    Pulse Link: otx.alienvault.com/pulse/6a0ce
    Pulse Author: AlienVault
    Created: 2026-05-19 22:26:55

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #Bank #BankingTrojan #Brazil #CryptoExchange #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #PowerShell #RAT #RCE #Trojan #bot #AlienVault

  2. @mrhvid.bsky.social will be on stage for #PSConfEU 2026 in #Wiesbaden (1-4 June) 🎙️ Secret’s out 🤫 There's a better way to access Multi-Tenant 🎙️ Think Before You Loop: "Big O Thinking" for PowerShell devs 🎟️ psconf.eu #Europe #Germany #PowerShell

  3. PowerShell function names are more than personal preference. In this PoshBytes, I cover how `Get-Verb` helps you find approved verbs, make your commands easier to discover, and keep PowerShell from judging you.

    youtube.com/shorts/kEXedul6pMc
    #PowerShell #Automation #Scripting #DevOps

  4. @[email protected] will be on stage for #PSConfEU 2026 in #Wiesbaden (1-4 June)! 🎙️ Persist Your PowerShell Script Data with Data API Builder 🎙️ SQL Server 2025, AI and PowerShell Scripts 🎟️ Tickets: psconf.eu #automation #IT #PowerShell #Conference #Europe #Germany #AI

  5. 🌐 Managing #hybrid infrastructure? At #PSConfEU 2025, @[email protected] showed how #PowerShell + #Azure #Arc simplify: ✔ Hybrid server management ✔ Secure remoting via SSH ✔ Automation & DSC v3 🎟️ Tickets for 2026 → psconf.eu #Automation

  6. Built an MCP server for Windows administration: 42 tools, from Event Viewer to service diagnostics

    Built an MCP server for Windows: 42 tools in 8 modules. It covers Services, Event Viewer, Task Scheduler, Processes, Network, Diagnostics, Observability, Safety. One command, npx windows-admin-mcp, and Claude Desktop / Cursor / Claude Code get full access to Windows administration. TypeScript, MIT, npm. Inside: service diagnostics in a single call, error trend analysis, tracking of system changes, protection against accidental bulk operations. I use it myself every day. I'd welcome feedback: what to add, what is unnecessary, where it could be better.

    habr.com/ru/articles/1036210/

    #MCP #Windows #PowerShell #администрирование #DevOps #AI #Claude #автоматизация #мониторинг #Event_Viewer

  10. @trackd.x64.se will be on stage for #PSConfEU 2026 in #Wiesbaden (1-4 June) 🎙️ Behind the Scenes of PwshSpectreConsole 🎙️ Level Up Your Terminal Experience 🎟️ Book your tickets: psconf.eu #PowerShell #automation #Europe #Germany

  11. 15 days to go. If you are still waiting on internal validation, now is the time to complete your registration. 🎟️ Register at psconf.eu #PowerShell #PSConfEU #automation #IT #conference #Europe #Germany #Wiesbaden

  16. Ever wondered how hard it would be to write a #PowerShell based TUI? Use the PSTuiTools module for guidance and inspiration. github.com/jdhitsolutions/PSTu

  17. I've published a minor update to my module for adding metadata to stand-alone #PowerShell functions. github.com/jdhitsolutions/PSFu

  18. The wait is over! PowerShell Weekly for May 15, 2026 has just been published. Dive into the latest insights and scripts to make your life easier.
    #PowerShell #Automation #TechNews
    psweekly.dowst.dev/?p=8895

  19. @thorsten.butz.io will be on stage for #PSConfEU 2026 in #Wiesbaden (1-4 June)! 🎙️ Reverse AI-ngineering 🎙️ The PoShaKucha presentations: The Stage is yours! 🎟️ Book your tickets for the #PowerShell #Conference #Europe in #Germany: psconf.eu #automation #IT

  25. I've spent 20 years writing and thinking about #PowerShell. This book is the culmination of that work. I hope you'll consider adding it to your library. jdhitsolutions.com/yourls/psbe

  26. ClickFix Evolves with PySoxy Proxying

    A sophisticated ClickFix campaign was observed in April 2026 deploying PySoxy, a decade-old open-source Python SOCKS5 proxy tool, to establish encrypted proxy access on compromised hosts. The attack chain begins with social engineering that tricks users into executing obfuscated PowerShell commands, which then establish scheduled task persistence and deploy an in-memory PowerShell-based command-and-control agent. Following domain reconnaissance activities, attackers deploy PySoxy to create a redundant encrypted access channel. The persistence mechanism continues attempting re-execution even after initial connections are blocked, demonstrating how single ClickFix executions can evolve into modular post-exploitation chains. This development represents a significant evolution from simple one-time execution to durable access with multiple redundant pathways, requiring comprehensive remediation beyond blocking initial callbacks.

    Pulse ID: 6a04a9a171b2ad5ef57d9993
    Pulse Link: otx.alienvault.com/pulse/6a04a
    Pulse Author: AlienVault
    Created: 2026-05-13 16:41:05

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #OTX #OpenThreatExchange #PowerShell #Proxy #Python #RAT #RCE #SocialEngineering #bot #socks5 #AlienVault
