Gdog A stealthy Python based Windows backdoor that uses Gmail as a command and control server This project was inspired by the gcat(https://github.com/byt3bl33d3r/gcat) from byt3bl33d3r. Features Encrypted transportation messages (AES) + SHA256 hashing Generate...
Maintaining Access / Network PenTest / Post Exploitation / Programming
by do son · Published August 21, 2017
covertutils A framework for Backdoor programming! Documentation Page Blog Post in Securosophy describing some internals What is it? This python package automatically handles all communication channel options, like encryption, chunking, steganography, etc. With all those set with...
Maintaining Access / Network PenTest / Post Exploitation
by do son · Published August 19, 2017 · Last modified November 5, 2017
RC4-PowerShell-RAT Simple powershell reverse shell using RC4 encryption for all the commands and payloads. PsShellClient.py only accept one client at the time. MultiPsShellClient.py accept several clients at the time. The RAT will also save...
Maintaining Access / Network PenTest
by do son · Published August 18, 2017 · Last modified October 10, 2021
emptynest Emptynest is a plugin based C2 server framework. The goal of this project is not to replace robust tools such as Empire, Metasploit, or Cobalt Strike. Instead, the goal is to create a...
Exploitation / Maintaining Access / Network PenTest
by do son · Published August 18, 2017 · Last modified November 10, 2017
EvilAbigail – Initrd encrypted root fs attack Scenario Laptop left turned off with FDE turned on Attacker boots from USB/CD/Network Script executes and backdoors initrd User returns to laptop, boots as normal Backdoored initrd...
Exploitation / Maintaining Access / Network PenTest
by do son · Published August 17, 2017 · Last modified January 29, 2023
Intel_Inside Intel PROSet Wireless – Persistent SYSTEM Shell Implant (All Versions) (Win 7 – 64bit) Context: http://x42.obscurechannel.com/?p=378 Requirements: You have a previously acquired shell (through some other exploit) on a machine as a local admin...
OpenSSH 6.7p1 backdoor kit coded by bl0w. bl0w@koresec.org Features: magic password to get shell with any user (encrypted or no) sniffs all in/out from ssh/sshd, log file encrypted or no. you can chose directory of...
Exploitation / Information Gathering / Maintaining Access / Network PenTest / Post Exploitation / Vulnerability Analysis / Web Exploitation / Web Information Gathering / Web Maintaining Access / Web Vulnerability Analysis / WebApp PenTest
by do son · Published August 6, 2017
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others. Contents Contents Network Analysis IP Whois DNS Identify Live Hosts IDS/IPS...
Getting Started: ANGRYPUPPY is a tool for BloodHound attack path execution in Cobalt Strike. Before you use ANGRYPUPPY, you will require two things: Cobalt Strike — https://cobaltstrike.com BloodHound — https://github.com/BloodHoundAD/BloodHound Once you have obtained these, clone...
Piper Creates a local or remote port forwarding through named pipes. EXAMPLES Creates a local port forwarding through pipe testPipe: -L 33389:127.0.0.1:3389 Creates a remote port forwarding through pipe testPipe: -R 33389:127.0.0.1:3389 Issues...
Maintaining Access / Network PenTest
by do son · Published July 19, 2017 · Last modified August 4, 2017
ranger A tool to support security professionals access and interact with remote Microsoft Windows based systems. This project was conceptualized with the thought process, we did not invent the bow or the arrow, just...
Maintaining Access / Network PenTest / Post Exploitation
by do son · Published July 18, 2017 · Last modified August 4, 2017
Invoke-CradleCrafter v1.1 Introduction Invoke-CradleCrafter is a PowerShell v2.0+ compatible PowerShell remote download cradle generator and obfuscator. Background In the Fall of 2016 after releasing Invoke-Obfuscation, I continued updating my spreadsheet of PowerShell remote download...
Maintaining Access / Network PenTest
by do son · Published July 8, 2017 · Last modified August 3, 2017
redsocks This tool allows you to redirect any TCP connection to SOCKS or HTTPS proxy using your firewall, so redirection is system-wide. Why is that useful? I can suggest following reasons: * you use...
Maintaining Access / Network PenTest
by do son · Published July 7, 2017 · Last modified December 3, 2017
icmptunnel is a tool to tunnel IP traffic within ICMP echo request and response (ping) packets. It’s intended for bypassing firewalls in a semi-covert way, for example when pivoting inside a network where ping...
Maintaining Access / Network PenTest / Post Exploitation
by do son · Published July 5, 2017 · Last modified October 10, 2021
Radium-Keylogger Python keylogger with multiple features Feature –> Applications and keystrokes logging –> Screenshot logging –> Drive tree structure –> Logs sending by email –> Password Recovery for • Chrome • Mozilla • Filezilla...
Secure Your Connection
