Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks

Nation-state actors affiliated with North Korea have been observed using spear-phishing attacks to deliver an assortment of backdoors and tools such as AppleSeed, Meterpreter, and TinyNuke to seize control of compromised machines. South Korea-based cybersecurity company AhnLab attributed the activity to an advanced persistent threat group known as Kimsuky. “A notable point about attacks that […]

Graphical User Interface for Metasploit Meterpreter and Session Handler: Kage

Kage (ka-geh) is a tool inspired by AhMyth, designed for Metasploit RPC Server to interact with Meterpreter sessions and generate payloads. For now it only supports windows/meterpreter and android/meterpreter. Getting Started: Please follow these instructions to get a copy of Kage running on your local machine without any problems. Prerequisites: Metasploit-framework must be […]

Python Rootkit – Python RAT To Gain Meterpreter Session

This is a fully undetectable Python RAT which can bypass almost all antivirus and open a backdoor inside any Windows machine, which will establish a reverse HTTPS Metasploit connection to your listening machine. ViRu5 life cycle: Bypass all anti-virus. Inject a malicious PowerShell script into memory. Establish a reverse HTTPS connection to attacker machine. Check […]

Meterpreter Paranoid Mode – Meterpreter over SSL/TLS connections

Meterpreter_Paranoid_Mode.sh allows users to secure their staged/stageless connection for Meterpreter by having it check the certificate of the handler it is connecting to. We start by generating a certificate in PEM format; once the certs have been created, we can create an HTTP or HTTPS or EXE payload for it and give it the path […]

SpookFlare – Meterpreter Loader Generator

SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has a custom encrypter with string obfuscation and run-time code compilation features so you can bypass the countermeasures of your target systems like a boss… until they “learn” the technique and behavior of SpookFlare payloads. […]

SpookFlare – Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has a custom encrypter with string obfuscation and run-time code compilation features so you can bypass […]

Kwetza – Python script to inject existing Android applications with a Meterpreter payload

Kwetza is a tool that allows you to infect an existing Android application with a Meterpreter payload. What does it do? Kwetza infects an existing Android application with either custom or default payload templates to avoid detection by antivirus. Kwetza allows you to infect Android applications using the target application’s default permissions or inject additional […]

Post-exploitation: Mounting vmdk files from Meterpreter

Whenever I get a shell on a Windows system with VMware installed, I feel a certain frustration at not being able to access the filesystem of the available virtual machines. Although it would be possible to download the .vmdk files to my host and mount them locally, this solution is very noisy and heavy due […]

Meterpreter Payload Detection – Tool for detecting Meterpreter in memory like IPS-IDS and Forensics tool

Meterpreter_Payload_Detection.exe is a tool for detecting Meterpreter in memory, like an IPS/IDS and forensics tool. Download Meterpreter_Payload_Detection from https://github.com/DamonMohammadbagher/Meterpreter_Payload_Detection (credits: DamonMohammadbagher). Install notes: download Meterpreter_Payload_Detection; compile the C# code or unzip release_v1.0.0.4; run Meterpreter_Payload_Detection.exe. If you liked this software, please consider leaving a star and forking the software from GitHub. C# code author: Damon Mohammadbagher. Meterpreter signature authors: Rohan […]

How to Detect Meterpreter on your PC

These days we stumble upon how to use Meterpreter or how to hack someone using Metasploit, but no one tells you how to detect and kill Meterpreter if you are hacked. Today we will have a look at two tools that will achieve this goal. Antipwny – A host-based IDS written in […]