LARRYCHATTER: Covert C2 Framework
LARRYCHATTER Introduction: Introducing a super-stealthy extra sneaky Python-based C2 Framework that uses Twitter & Dropbox as a C2 Server. This project has been inspired by the Russian threat-group APT-29’s own...
PowerShell Reverse TCP PowerShell script for connecting to a remote host. The remote host will have full control over the client’s PowerShell and all its underlying commands. Tested with PowerShell...
Print-My-Shell “Print My Shell” is a Python script written to automate the process of generating various reverse shells based on PayloadsAllTheThings and Pentestmonkey reverse shell cheat sheets. Using this script you can easily generate...
Fudge I had some success on phishing engagements by base64 encoding the contents of a file, putting it into an HTML file and having it decode and drop when...
GoSH Golang reverse/bind shell generator This tool generates a Go binary that launches a shell of the desired type on the targeted host. The shell binary can be compiled for...
LDAPFragger LDAPFragger is a Command and Control tool that enables attackers to route Cobalt Strike beacon data over LDAP using user attributes. The tool will query the Active Directory domain...
C2concealer C2concealer is a command-line tool that generates randomized C2 malleable profiles for use in Cobalt Strike. How it works We pored over the Cobalt Strike documentation and defined ranges...
ReverseShellDLL C++ Windows Reverse Shell – Universal DLL Hijack | SSL Encryption | Statically Linked Main Features Universal DLL Hijack – ReverseShellDLL uses the DLL_PROCESS_ATTACH notification to ensure that the...
Pinjectra Pinjectra is a C/C++ library that implements Process Injection techniques (with focus on Windows 10 64-bit) in a “mix and match” style. Here’s an example: It’s also currently...
HTTP Asynchronous Reverse Shell Why? Today there are many ways to create a reverse shell in order to be able to remotely control a machine through a firewall. Indeed, outgoing...
PolyShell: a Bash/Batch/PowerShell polyglot PolyShell is a script that’s simultaneously valid in Bash, Windows Batch, and PowerShell (i.e. a polyglot). This makes PolyShell a useful template for penetration testing as it...
Xencrypt Tired of wasting lots of time obfuscating PowerShell scripts like invoke-mimikatz only to have them get detected anyway? Wouldn’t it be awesome if you could take any script and...
ScatterBrain Suite ScatterBrain is a shellcode runner with a variety of execution and elevation options. Given unencoded shellcode, it will then be encoded with the XOR key SecretKey (found in Cryptor/Program.cs and ScatterBrain/Headers/RawData.h) using...
revshellgen The standalone script is written in Python 3 for generating reverse shells easily without typing. It automates the boring stuff like URL encoding the command and setting up a...
Exploitation / Reverse Engineering
by do son · Published January 26, 2020 · Last modified October 19, 2020
Fuzzowski The idea is to be the Network Protocol Fuzzer that we will want to use. The aim of this tool is to assist during the whole process of fuzzing a network...