Category: Exploitation

VLAN attacks

VLANPWN: VLAN attacks toolkit

VLANPWN VLAN attacks toolkit DoubleTagging.py – This tool is designed to carry out a VLAN Hopping attack. VLAN hopping is a computer security exploit, a method of attacking networked resources on a virtual LAN...

shellcode execution tool

Jektor Toolkit: Windows user-mode shellcode execution tool

Jektor Toolkit v1.0 This utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victim system  Dynamically resolves API functions to evade IAT inclusion  Includes usage...

shellcode emulator

scemu: x86 32/64bits emulator for securely emulating shellcodes

scemu x86 32/64bits emulator, for securely emulating shellcodes Features 📦 rust safety, good for malware. All dependencies are in rust. zero unsafe{} blocks. ⚡ very fast emulation (much faster than unicorn) 3,000,000 instructions/second 100,000 instructions/second printing...

cross-platform C2

Medusa: cross-platform C2 agent

Medusa Medusa is a cross-platform C2 agent compatible with both Python 3.8 and Python 2.7. Notable Features Dynamic loading/unloading of agent functions to limit exposure of agent capabilities on-disk. Loading of Python modules in-memory...

shellcode loader

Alaris: defeats modern EDR systems

Alaris Alaris is a new and sneaky shellcode loader capable of bypassing most EDR systems as of today (10/14/2020). It uses several known TTP’s that help protect the malware and it’s execution flow. Some...

Covert C2 Framework

LARRYCHATTER: Covert C2 Framework

LARRYCHATTER Introduction: Introducing a super-stealthy extra sneaky Python-based C2 Framework that uses Twitter & Dropbox as a C2 Server. This project has been inspired by the Russian threat-group APT-29’s own malware HAMMERTOSS tDiscoverer variant....