HastySeries
A C# toolset to support offensive operators to triage, asses and make intelligent able decisions. Provided operators access to toolsets that can be integrated into other projects and workflow throughout a Red Team, Pentest or host investigation. We built this toolset over a period of a few days, hence the tool prefix of “Hasty”.
OpSec
Assembly Names
One major chnage to the assembly namespace is the naming convention, all projects have been moved to the Action Namespace.
PDB
All PDB settings have been disabled for Release builds.
Strings
To prevent some basic string matching, some basic precautions where taken. of course, this is an example and if OpSec is upmost concern change static key and use the HastyFixup string fixup project to build new strings before re-compile.
- All strings are XOR’d with a static key
- All strings are then encoded with Base64
- Strings are decoded at execution
- Strings are XOR’d with static key
- String is presented to console
Tool TOC
HastyArp
Type: ENUMERATION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform arp requests. This project uses IpHlpApi.dll for native functionality.
HastyDrives
Type: ENUMERATION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform lists drives on an execution system. This project uses System.IO namespace to easily accomplish this.
HastyDump
Type: COLLECTION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform collection operations to perform MiniDumps of a process as well as a raw mem dump. This provides operators with multiple choices to achieve access to process memory space.
HastyFixup
Type: OPSEC
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform OPSEC operations on the tools provided in this repo. The tools help XOR strings, PE Fixups, etc.
HastyLogging
Type: SA
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform situational awareness operations of auditing settings. This project uses a mix of built-in and native functionality.
HastyNslookup
Type: ENUMERATION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform nslookup enumeration operations. This project uses System.Net namespace to easily accomplish this.
HastyPing
Type: ENUMERATION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform ping enumeration operations. This project uses System.Net namespace to easily accomplish this.
HastyShellcode
HastyShot
Type: COLLECTION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform collection operations of auditing settings. This project uses a mix of built-in and native functionality.
HastyStroke
Type: COLLECTION
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform keystroke collection operations. This project uses a mix of built-in and native functionality.
HastyUptime
Type: SA
.NET Framework: 3.5
Usage/README: README.md
This project aims to provide a user with the ability to perform situational awareness operations of current system uptime. This project uses native functionality.
Download
Copyright (C) 2019 Alexander Rymdeko-Harvey (@killswitch-GUI) & Scottie Austin (@CheckyMander)
