GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrates data using Google Drive. Why This program has been developed in order to provide a command and control that does not require any particular set up (like: aRead More
A program to control systems remotely by uploading videos to Youtube using Python to create the videos and the listener, emulating some malware I was reading about. It allows to create videos with frames formed of simple text, QR codes with cleartext or QR codes using AES encryption. Create a video The videos can beRead More
Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in shell mode over a fully encrypted covert channel. Server ported as a python script, which acts as DNS server with required functionalities to provide interactive shell command interface. Client ported as the following file formatsRead More
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object. Background For background information, please refer to the following blog post: WS-Management COM: Another Approach for WinRM Lateral Movement Notes SharpWSManWinRM.cs and CppWsManWinRM.cpp compile in Visual Studio 2019. Refer to the code comments for required imports/references/etc.Read More
[*] An interactive command prompt that executes commands through proxychains and automatically logs them on a Cobalt Strike team server. Installation RedShell runs on Python 3. It also requires a Cobalt Strike client installed on the system where it runs. Install dependencies: pip3 install -r requirements.txt Install proxychains-ng (https://github.com/rofl0r/proxychains-ng): apt install proxychains4 Make the agscriptRead More
This script was to developed to capture screenshot during pentest engagment and OSCP. IMPORTANT: The screenshot feature is no longer allowed for exam but the terminal logging is allowed for exam. If you like the tool and for my personal motivation so as to develop other tools please a +1 star * The tool canRead More
ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an “offensive framework for blue teamers“, ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry.WindowsSee /Linux for ELFezEmu is compiled as parent.exe to simplify process trees, and will track (and also kill) child processes toRead More
