Shellcode Encryptor A simple shellcode encryptor/decryptor/executor to bypass anti-virus. Purpose To generate a .Net binary containing base64 encoded, AES encrypted shellcode that will execute on a Windows target, bypassing anti-virus....
DNS-Black-Cat(DBC) Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel. Server...
Mortar Loader red teaming evasion technique to defeat and divert detection and prevention of security products. Mortar Loader performs encryption and decryption of selected binary inside the memory streams and...
KingHamlet Process Ghosting Tool – 64 bits Only! King Hamlet is a simple tool, which allows you to perform a Process Ghosting Attack. (https://www.elastic.co/blog/process-ghosting-a-new-executable-image-tampering-attack) Initially, you have to encrypt a...
Jektor Toolkit v1.0 This utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victim system Dynamically resolves API functions to evade...
Exploitation / Post Exploitation
by do son · Published November 22, 2021 · Last modified May 1, 2024
Medusa Medusa is a cross-platform C2 agent compatible with both Python 3.8 and Python 2.7. Notable Features Dynamic loading/unloading of agent functions to limit exposure of agent capabilities on-disk. Loading...
Exploitation / Post Exploitation
by do son · Published November 17, 2021 · Last modified April 20, 2022
OffensiveRust My experiments in weaponizing Rust for implant development and general offensive operations. Why Rust? It is faster than languages like C/C++ It is a multi-purpose language, bearing excellent communities It has...
Skrull There is a well-known feature by which anti-virus or EDR can capture ambiguous or suspicious program files and send them back to security response center for researcher analysis. For...
NimHollow Playing around with the Process Hollowing technique using Nim. Features: Direct syscalls for triggering Windows Native API functions with NimlineWhispers. Shellcode encryption/decryption with AES in CTR mode. Simple sandbox detection methods from the...
ZipExec ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded into a string that is rebuilt on...
XC Netcat like a reverse shell for Linux & Windows. Features Windows Usage: └ Shared Commands: !exit !upload <src> <dst> * uploads a file to the target !download <src> <dst>...
aDLL – Adventure of Dynamic Lynk Library aDLL is a binary analysis tool focused on the automatic discovery of DLL Hijacking vulnerabilities. The tool analyzes the image of the binary...
whoc A container image that extracts the underlying container runtime and sends it to a remote server. Poke at the underlying container runtime of your favorite CSP container platform! WhoC...
Huan Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It encrypts the PE file to be run with different...
Tor Rootkit A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication get’s established over the tor network. Features Standalone executable, including python interpreter and tor The executable...
Support Securityonline.info site. Thanks!
