Evasion & Obfuscation

Invisi-Shell: Bypass all Powershell security features

Hide your PowerShell script in plain sight! Invisi-Shell bypasses all of PowerShell's security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .NET assemblies. The hook is performed via the CLR Profiler API. This is still a preliminary version intended as a POC. The code works only on x64 processes and has been tested against PowerShell 5.1. Usage […]

RedELK – Red Team’s SIEM

Red Team's SIEM: an easily deployable tool for red teams, used for tracking and alerting on blue team activity, as well as for better usability for the red team in long-term operations. When performing multi-month, multi-C2-teamserver and multi-scenario red team operations, you are working with an infrastructure that becomes very large very quickly. This makes it […]

CoffeeShot: Avoid Detection with Memory Injection

CoffeeShot is an evasion framework that injects payloads from Java-based programs into designated processes on Microsoft Windows. It assists blue team members in assessing the effectiveness of their anti-malware measures against malicious software written in Java. Red team members and pen testers can also use CoffeeShot to bypass the target's security controls. It utilizes JNA […]

Blind-Bash : Project To Obfuscate Your Bash Code

Blind-bash is an open source project you can use to obfuscate your bash code; obfuscation is a good way to hide important things in your code. This tool will give you blind and strong-looking code, but anyone with knowledge of bash scripting can de-obfuscate it. So this obfuscation is not 100% secure, […]
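The caveat in that blurb is the important part: a self-decoding bash wrapper has to ship its own decoder, so whoever holds the file can recover the original without ever running it. The following is an added example (not Blind-bash's own code) that builds the common base64/eval wrapper and then reverses it mechanically; the sample script and its "secret" are constructed for the demonstration.

```python
import base64
import re

# Constructed sample script standing in for a bash snippet someone wants to hide.
SAMPLE_SCRIPT = (
    'API_KEY="hunter2"\n'
    'curl -H "Authorization: Bearer $API_KEY" https://example.invalid/\n'
)


def obfuscate(script: str) -> str:
    """Wrap a bash script in a base64 'eval' stub, the usual obfuscation pattern.

    The result is still a valid bash script: at run time it decodes the blob
    and evals the original text. The decoder therefore travels with the payload.
    """
    payload = base64.b64encode(script.encode()).decode()
    return f'#!/bin/bash\neval "$(echo {payload} | base64 -d)"\n'


# Matches the stub produced above: echo <base64> | base64 -d
_STUB_RE = re.compile(r"echo\s+([A-Za-z0-9+/=]+)\s*\|\s*base64\s+-d")


def deobfuscate(obfuscated: str) -> str:
    """Recover the original script statically, without executing anything.

    Because the wrapper must contain everything needed to decode the payload,
    a reader only has to pull out the encoded blob and apply the same decoder.
    """
    match = _STUB_RE.search(obfuscated)
    if not match:
        raise ValueError("no recognised base64/eval stub found")
    return base64.b64decode(match.group(1)).decode()


def leaked_strings(obfuscated: str) -> list[str]:
    """Practical consequence: every double-quoted literal in the recovered script."""
    return re.findall(r'"([^"]*)"', deobfuscate(obfuscated))


if __name__ == "__main__":
    wrapped = obfuscate(SAMPLE_SCRIPT)
    print(wrapped)
    print("recovered:", deobfuscate(wrapped) == SAMPLE_SCRIPT)
    print("literals :", leaked_strings(wrapped))
```

Stacking more encoding layers or swapping base64 for a different transform only changes the regex a reviewer has to write; it never removes the decoder from the file, which is why the tool's own README is right to call this something other than security.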

hideNsneak – An Attack Obfuscation Framework

This application assists penetration testers in managing attack infrastructure by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls. Overview: hideNsneak provides a simple interface that allows penetration testers to build ephemeral infrastructure, one that requires minimal […]

Mendax Binder – Efficient File Binder

Not only can it bind two exes (Windows only), but this program also obfuscates the two exes. Its output file is usually not detected by 68.7% of the antivirus engines used on VirusTotal. How it works: this program always binds itself to the two other files. This way, when the bound application runs, the program […]

RedSails – Bypassing host based security monitoring and logging

A post-exploitation tool capable of maintaining persistence on a compromised machine, subverting many common host event logs (both network and account logon) and generating false logs and network traffic. Based on PyDivert (https://github.com/ffalcinelli/pydivert), a Python binding for WinDivert, a Windows driver that allows user-mode applications to capture, modify or drop network packets sent to and from the Windows network stack. Built […]

2FAssassin – Bypass Two Factor Authentication

2FAssassin automates exploitation of the common vulnerabilities that lead to private key leakage. It can be used to compromise an individual system, or the entire network, using looted private keys. It is also capable of analyzing and identifying potential private keys in a pool of gathered files, and of extracting critical key information in order to […]

PowerShdll – Run PowerShell with rundll32 (Bypass software restrictions)

Run PowerShell with DLLs only. Does not require access to powershell.exe, as it uses the PowerShell automation DLLs.
dll mode:
Usage:
rundll32 PowerShdll,main <script>
rundll32 PowerShdll,main -f <path>    Run the script passed as argument
rundll32 PowerShdll,main -w           Start an interactive console in a new window
rundll32 PowerShdll,main -i           Start an interactive console in this console
If […]
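The usage above is also the detection opportunity: nothing called powershell.exe starts, but rundll32.exe is asked to load a DLL that is neither in the Windows system directories nor one of the handful of system DLLs rundll32 normally hosts. The following added example (not part of PowerShdll) applies that heuristic to process-creation records. The events, field names in the style of Sysmon Event ID 1 (Image, CommandLine), and the small allowlist of known system DLLs are all constructed for the demonstration; a real deployment would baseline the allowlist from its own telemetry.

```python
import re
from dataclasses import dataclass

# Constructed allowlist of DLLs rundll32 legitimately loads from System32.
KNOWN_SYSTEM_DLLS = {"shell32.dll", "user32.dll", "advapi32.dll", "setupapi.dll"}
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")

# Constructed sample process-creation events (Sysmon Event ID 1 style fields).
SAMPLE_EVENTS = [
    {"Image": "C:\\Windows\\System32\\rundll32.exe",
     "CommandLine": "rundll32.exe shell32.dll,Control_RunDLL"},
    {"Image": "C:\\Windows\\System32\\rundll32.exe",
     "CommandLine": "rundll32 PowerShdll,main -w"},
    {"Image": "C:\\Windows\\System32\\rundll32.exe",
     "CommandLine": "rundll32 C:\\Users\\bob\\AppData\\Local\\Temp\\PowerShdll.dll,main -f C:\\Users\\bob\\s.ps1"},
    {"Image": "C:\\Windows\\System32\\rundll32.exe",
     "CommandLine": "rundll32.exe C:\\Windows\\System32\\shell32.dll,OpenAs_RunDLL C:\\foo.txt"},
    {"Image": "C:\\Windows\\System32\\notepad.exe",
     "CommandLine": "notepad.exe C:\\notes.txt"},
]

# Windows command-line tokens: a double-quoted run or a run of non-whitespace.
_TOKEN_RE = re.compile(r'"([^"]*)"|(\S+)')


def tokenize(command_line: str) -> list[str]:
    return [quoted or bare for quoted, bare in _TOKEN_RE.findall(command_line)]


@dataclass
class Finding:
    command_line: str
    dll: str
    entry: str
    reason: str


def parse_rundll32(command_line: str):
    """Return (dll, entry_point) for a rundll32 command line, else None."""
    tokens = tokenize(command_line)
    if len(tokens) < 2:
        return None
    exe = tokens[0].lower().rsplit("\\", 1)[-1]
    if exe not in ("rundll32", "rundll32.exe"):
        return None
    # rundll32 takes "<dll>,<entrypoint>" as its first argument.
    dll, _, entry = tokens[1].rpartition(",")
    if not dll:
        dll, entry = tokens[1], ""
    return dll, entry


def classify(dll: str):
    """Return a reason string if the DLL spec looks suspicious, else None."""
    name = dll.lower()
    if not name.endswith(".dll"):
        name += ".dll"  # rundll32 appends .dll when the extension is omitted
    if "\\" in name:
        if not name.startswith(SYSTEM_DIRS):
            return "DLL loaded from outside the Windows system directories"
        base = name.rsplit("\\", 1)[-1]
    else:
        base = name  # bare name: resolved through the DLL search order
    if base not in KNOWN_SYSTEM_DLLS:
        return f"unfamiliar DLL name {base!r} passed to rundll32"
    return None


def scan(events) -> list[Finding]:
    """Apply the heuristic to every event and collect the hits."""
    findings = []
    for event in events:
        parsed = parse_rundll32(event["CommandLine"])
        if parsed is None:
            continue
        dll, entry = parsed
        reason = classify(dll)
        if reason:
            findings.append(Finding(event["CommandLine"], dll, entry, reason))
    return findings


if __name__ == "__main__":
    for hit in scan(SAMPLE_EVENTS):
        print(f"{hit.reason}: {hit.command_line}")
```

Both PowerShdll invocations are flagged, one because the bare name is not a known system DLL and one because the path sits under a user's Temp directory, while the two ordinary shell32.dll calls pass. The heuristic deliberately does not key on the string "PowerShdll": renaming the DLL defeats a name match, but not the question of where rundll32 is loading code from.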

MorphAES – IDPS, SandBox & AntiVirus STEALTH KILLER

MorphAES is the world's first polymorphic shellcode/malware engine, with metamorphic properties and the capability to bypass sandboxes, which makes it undetectable for an IDPS; it is cross-platform as well and library-independent. Properties: Polymorphism (AES encryption); Metamorphism (logic and constants changing); Platform independent (Linux/BSD/Windows); IDPS stealthing (the total number of possible signatures is more than the number of atoms […]

Extension Spoofer

A filename extension is very important in the Windows operating system, and it appears at the end of the file name. Not only can you instantly tell the file's format, whether it is an image or an executable application, but Windows also decides what program to launch it with based on what is […]

How to manually bypass Anti-Virus

This post is about how to bypass anti-virus by making a payload FUD (Fully Undetectable). There are many crypters and binders, but doing it manually is the best in the business. In penetration tests, a FUD crypter is the most important part for ethical hackers. Metasploit encoders can also be used to bypass antivirus, but in this tutorial it is […]