InlineExecute-Assembly – A PoC Beacon Object File (BOF) That Allows Security Professionals To Perform In Process .NET Assembly Execution

InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module. InlineExecute-Assembly will execute any assembly with the entry point of Main(string[] args) or Main(). This should allow you to run most releasedRead More

CVE-2021-40444 PoC – Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)

Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) Creation of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file) You need to install lcab first (sudo apt-get install lcab) Check REPRODUCE.md for manual reproduce steps If your generated cab is not working, try pointingRead More

CheeseTools – Self-developed Tools For Lateral Movement/Code Execution

This repository has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and for giving me the right motivation to work on them. CheeseExec Command Exec / Lateral movement via PsExec-like functionality. Must be running in the context of a privileged user. The tool is based on rasta-mouseRead More

Procrustes – A Bash Script That Automates The Exfiltration Of Data Over Dns In Case We Have A Blind Command Execution On A Server Where All Outbound Connections Except DNS Are Blocked

A bash script that automates the exfiltration of data over dns in case we have a blind command execution on a server where all outbound connections except DNS are blocked. The script currently supports sh, bash and powershell and is compatible with exec style command execution (e.g. java.lang.Runtime.exec). Unstaged:    Staged:   For its operations,Read More

pongoOS – A Pre-Boot Execution Environment For Apple Boards

A pre-boot execution environment for Apple boards built on top of checkra1n. Building on macOS Install Xcode + command-line utilities make clean all Building on Linux Download Sam Bingner’s iOS Toolchain Copy scripts/arm64-apple-ios12.0.0-clang to a directory in $PATH Adjust the TOOLCHAIN variable to point to the downloaded toolchain make clean all Contributions By submitting aRead More

WMIHACKER – A Bypass Anti-virus Software Lateral Movement Command Execution Tool

中文版(Chinese version) Disclaimer: The technology involved in this project is only for security learning and defense purposes, illegal use is prohibited! Bypass anti-virus software lateral movement command execution test tool(No need 445 Port)Introduction: The common WMIEXEC, PSEXEC tool execution command is to create a service or call Win32_Process.create, these methods have been intercepted by Anti-virusRead More

ezEmu – Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an “offensive framework for blue teamers“, ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry.WindowsSee /Linux for ELFezEmu is compiled as parent.exe to simplify process trees, and will track (and also kill) child processes toRead More

SharpRDP – Remote Desktop Protocol .NET Console Application For Authenticated Command Execution

To compile open the project in Visual Studio and build for release. Two DLLs will be output to the Release directory, you do not need those because the DLLs are in the assembly. If you do not want to use the provided DLLs you will need to .NET SDK to create the AxMSTSCLib.dll DLL. ToRead More

X