WinPayloads: Generate Undetectable Windows Payloads!

PenTestIT RSS Feed An older post of mine - MicroSploit dealt with generating backdoored documents for the Office platform. This post is about another open source framework, called WinPayloads which helps you create custom malicious payloads for the Microsoft Windows operating system. What is...

Stitch - Python Remote Administration Tool (RAT)

This is a cross platform python framework which allows you to build custom payloads for Windows, Mac OSX and Linux as well. You are able to select whether the payload binds to a specific IP and port, listens for a connection on a port, option to send an email of system info when the system boots,...

BeeLogger - Generate Emailing Keyloggers to Windows on Linux

Generate gmail emailing keyloggers to windows on linux, powered by python and compiled by pyinstaller. Features Send logs each 120 seconds. Send logs when chars 50. Send logs with gmail. Some Phishing methods are included. Multiple Session disabled. Bypass UAC. Prerequisites apt wine wget Linux...

Python 2.x Buffer Overflow

!/usr/bin/env python Exploit : Python 2.x Buffer Overflow POC Tested on : Windows XP , Windows 7 Authors : Sultan Albalawi & Chaitanya @bofheaded Discovery date : 21/jan/2017 GitHub : https://github.com/ChaitanyaHaritash/My-Exploits/blob/master/python2.xbof.py Video : https://youtu.be/hcc6Y55PWBg...

Radium-Keylogger - Python keylogger with multiple features

Python keylogger with multiple features. Features Applications and keystrokes logging Screenshot logging Drive tree structure Logs sending by email Password Recovery for Chrome Mozilla Filezilla Core FTP CyberDuck FTPNavigator WinSCP Outlook Putty Skype Generic Network Cookie stealer Keylogger st...

Python Keylogger: Radium

Python Keylogger With Multiple Features Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Keyloggi...

Python Remote Access Tool: Ares

Ares is a Python Remote Access Tool Only use this software according to your current legislation. Misuse of this software can raise legal and ethical issues which I don’t support nor can be held responsible for. Ares is made of two main programs: A Command aNd Control server, which is a Web...

IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems

In the latter half of 2015, the FireEye Labs Advanced Reverse Engineering FLARE team identified several versions of an ICS-focused malware crafted to manipulate a specific industrial process running within a simulated Siemens control system environment. We named this family of malware IRONGATE...

IRONGATE ICS Malware: Nothing to See Here...Masking Malicious Activity on SCADA Systems

In the latter half of 2015, the FireEye Labs Advanced Reverse Engineering FLARE team identified several versions of an ICS-focused malware crafted to manipulate a specific industrial process running within a simulated Siemens control system environment. We named this family of malware IRONGATE...

RSPET - Python Reverse Shell and Post Exploitation Tool

RSPET Reverse Shell and Post Exploitation Tool is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. Features Remote Command Execution Trafic masking XORed insted of cleartext; for better results use port 4431 Built-in File/Binary transfer both...

Reverse Shell Post Exploitation Tool: RSPET

RSPET Reverse Shell Post Exploitation Tool is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. Features Remote Command Execution Trafic masking XORed insted of cleartext; for better results use port 443 Built-in File/Binary transfer both ways...

Technology share: how to use Python and PyInstaller to write a Windows malicious code-vulnerability warning-the black bar safety net

Disclaimer: This article is intended to share, not for malicious use! This article mainly shows is through the use of python and PyInstaller to build the malicious software of some poc. ! Known to all, malicious software and more will continued to target of the attack. And this is on windows ther...

Venom - Metasploit Shellcode Generator / Compiler / Listenner

The script will use msfvenom metasploit to generate shellcode in diferent formats c | python | ruby | dll | msi | hta-psh , injects the shellcode generated into one funtion example: python "the python funtion will execute the shellcode in ram" and uses compilers like: gcc gnu cross compiler or...

Shellcode Generator: Venom

Shellcode Generator The script will use msfvenom metasploit to generate shellcode in diferent formats c | python | ruby | dll | msi | hta-psh , injects the shellcode generated into one funtion example: python “the python funtion will execute the shellcode in ram” and uses compilers like: gcc gnu...

Ares - Python Botnet and Backdoor

Ares is made of two main programs: A Command aNd Control server, which is a Web interface to administer the agents An agent program, which is run on the compromised host, and ensures communication with the CNC The Web interface can be run on any server running Python. You need to install the...

USBTracker - Script to track USB devices events and artifacts in a Windows OS

USBTracker is a quick & dirty coded incident response and forensics Python script to dump USB related information and artifacts from a Windows OS vista and later. Special recommandations USBTracker read some protected log files and needs to be run with administrator permissions. The most simple w...

MeterSSH - Meterpreter over SSH

As penetration testers, it’s crucial to identify what types of attacks are detected and what’s not. After running into a recent penetration test with a next generation firewall, most analysis has shifted away from the endpoints and more towards network analysis. While there needs to be a mixture ...

[Veil v1.2] A Payload Generator to Bypass Antivirus

Veil is a tool designed to generate metasploit payloads that bypass common anti-virus solutions. Veil was designed to run on Kali Linux, but should function on any system capable of executing python scripts. Simply call Veil from the command line, and follow the menu to generate a payload. Upon...