3 matches found
A Bag of RATs: VenomRAT vs. AsyncRAT
Introduction Remote access tools RATs have long been a favorite tool for cyber attackers, since they enable remote control over compromised systems and facilitate data theft, espionage, and continuous monitoring of victims. Among the well-known RATs are VenomRAT and AsyncRAT. These are open-sourc...
ExecuteAssembly - Load/Inject .NET Assemblies
ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host spawnto process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI,...
Execute .net Assembly (x64 only)
This module executes a .NET assembly in memory. It reflectively loads a dll that will host CLR, then it copies the assembly to be executed into memory. Credits for AMSI bypass to Rastamouse @RastaMouse This module requires Metasploit: https://metasploit.com/download Current source:...