EXOCET – AV-evading, undetectable, payload delivery tool EXOCET is superior to Metasploit’s “Evasive Payloads” modules as EXOCET uses AES-256 in GCM Mode (Galois/Counter Mode). Metasploit’s Evasion Payloads uses an easy...
Shellcode Fluctuation PoC A PoC implementation for another in-memory evasion technique that cyclically encrypts and decrypts shellcode’s contents to then make it fluctuate between RW (or NoAccess) and RX memory protection. When our shellcode...
SillyRAT A cross-platform RAT is written in pure Python. The RAT accepts commands alongside arguments to either perform as the server who accepts connections or to perform as the client/target...
ImpulsiveDLLHijack C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during RedTeam Operations to evade...
Azure Outlook C2 Azure Outlook Command & Control that uses Microsoft Graph API for C2 communications & data exfiltration. Remotely Control a compromised Windows Device from your Outlook Mailbox. This...
LimeLighter A tool which creates a spoof code signing certificates and sign binaries and DLL files to help evade EDR products and avoid MSS and sock scrutiny. LimeLighter can also...
Thread Stack Spoofing / Call Stack Spoofing PoC A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination...
PowerShx PowerShx is a rewrite and expansion of the PowerShdll project. PowerShx provides functionalities for bypassing AMSI and running PS Cmdlets. Features Run Powershell with DLLs using rundll32.exe, installutil.exe, regsvcs.exe,...
inceptor Modern Penetration Testing and Red Teaming often require to bypass common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and...
Exploitation / Post Exploitation
by do son · Published September 15, 2021 · Last modified May 1, 2024
Khepri Khepri is a Cross-platform agent, the architecture and usage like Cobalt Strike but free and open-source. beacon: Agent, written in C++. teamserver: Server, written in Golang. teamclient: User client,...
LittleCorporal LittleCorporal: A C# Automated Maldoc Generator How does It work? LittleCorporal accepts a user-supplied argument for a process to inject into a remote machine, in which you plan to...
what the fuzz what the fuzz or wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and or kernel-mode targets running on Microsoft Windows. Execution of the target...
BoobSnail BoobSnail allows generating XLM (Excel 4.0) macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. Features: various infection techniques; various obfuscation techniques; translation of...
The PyIris Project The PyIris project is a modular, stealthy and flexible remote-access-toolkit written completely in python. It allows users to dynamically build, generate, and encode/encrypt remote-access-trojan payloads for remote control...
Beaconator Beaconator is an aggressor script for Cobalt Strike used to generate either staged or stageless shellcode and packing the generated shellcode using your tool of choice. Currently, it supports the following tools: Staged...
Support Securityonline.info site. Thanks!
