DarkArmour: Windows AV Evasion tool
Windows AV Evasion Tool. Store and execute an encrypted Windows binary from inside memory, without a single bit touching disk. Installation: It uses the Python stdlib so no need to...
PythonAESObfuscate Pythonic way to load shellcode. Builds an EXE for you too! Requirements Windows Python 2.7 Pyinstaller PyCrypto Download git clone https://github.com/offsecginger/PythonAESObfuscate.git Usage Place a payload.bin raw shellcode file in the...
Hershell A simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provides a certificate public key fingerprint pinning feature, preventing traffic interception. Supported...
TrelloC2 Simple C2 over Trello’s API (Proof-of-Concept) Requirements Python 3.x Setup Clone the repo: git clone https://github.com/securemode/TrelloC2.git Create a Trello account: https://trello.com/signup Once logged in, get your API key: https://trello.com/app-key Generate a...
dlinject.py Inject a shared library (i.e. arbitrary code) into a live Linux process, without ptrace. Inspired by Cexigua and linux-inject, among other things. How it Works Send the stop signal to the...
SysWhispers SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are supported from Windows XP to 10. Example generated files...
VBA RunPE A simple yet effective implementation of the RunPE technique in VBA. This code can be used to run executables from the memory of Word or Excel. It is...
Exploitation / Post Exploitation
by do son · Published December 18, 2019 · Last modified January 25, 2021
BetterBackdoor A backdoor is a tool used to gain remote access to a machine. Typically, backdoor utilities such as NetCat have 2 main functions: to pipe remote input into cmd...
Malicious Macro MSBuild Generator Generates a malicious macro and executes PowerShell or shellcode via an MSBuild application whitelisting bypass. This tool is intended for adversary simulation and red teaming purposes. Download git clone...
BoomER BoomER is an open-source framework developed in Python. The tool is focused on post-exploitation, with the main objective being the detection and exploitation of local vulnerabilities, as well as the...
SCShell Fileless lateral movement tool that relies on ChangeServiceConfigA to run commands. The beauty of this tool is that it doesn’t perform authentication against SMB; everything is performed over DCERPC....
What is SSHoRTy? A standalone Reverse SSH shell tunnel and SOCKS Proxy implant for Red Teams operating in Linux and MacOS systems. Why SSHoRTy? SSHoRTy wants to: Establish a reverse...
FudgeC2 FudgeC2 is a campaign-orientated Powershell C2 framework built on Python3/Flask – Designed for team collaboration, client interaction, campaign timelining, and usage visibility. Users Users within Fudge are divided into...
Donut is a shellcode generation tool that creates x86 or x64 shellcode payloads from .NET Assemblies. This shellcode may be used to inject the Assembly into arbitrary Windows processes. Given...
FragScapy Fragscapy is a command-line tool to fuzz network protocols by automating the modification of outgoing network packets. It can run multiple successive tests to determine which options can be...