PowerShdll on offsec.tools


Run PowerShell with rundll32 in order to bypass software restrictions.

It does not require access to powershell.exe, as it uses the PowerShell automation DLLs.
PowerShdll can be run with: rundll32.exe, installutil.exe, regsvcs.exe, regasm.exe, regsvr32.exe or as a standalone executable.

Payloads can be embedded by modifying the "payload" variable in the start method of the common.cs file. If a payload is embedded, all other arguments will be ignored and the payload will be executed upon running PowerShdll.