GreatSCT v1.0: generate application white list bypasses


GreatSCT is a tool designed to generate Metasploit payloads that bypass common anti-virus solutions and application whitelisting solutions.


git clone







The first screen you’ll see is this menu.

Select the payload you wish to generate by name or its number, help for help, and menu at any time to get back here.

For single payload generation, you will find the following with values pointing to your C&C to fill out.

These can be set using set variable value syntax

Or by entering variable name/# itself, which gives more hints about the expected value

help gives more info as well

\n because I hate markdown

Once the correct values have been set generate to build your payload.

The payload (shellcode.xml in this case) appears in the root directory.
The devs should fix this so you can specify an output folder, but they are lazy.

For network testing purposes use generateAll from the initial menu

The bottom values are those which are common to multiple payloads. This lets you easily set your C&C values for all the payloads.

When it’s all set generate and you’ll find your payloads in ./GenerateAll/

A script to automatically execute each payload is pending (eta 2034).
For now, drop the folder onto the representative box, execute payloads one by one, and note which are blocked, which generate alerts, and which make it through undisturbed.