54 matches found
synchrony security vulnerability
synchrony is a javascript-obfuscator cleaner and anti-obfuscator by the relative personal developer. A security vulnerability exists in synchrony versions prior to v2.4.4, which stems from the presence of a prototype contamination vulnerability. The vulnerability can be exploited to execute...
HTMLSmuggler - HTML Smuggling Generator And Obfuscator For Your Red Team Operations
The full explanation what is HTML Smuggling may be found here. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and intrusion detection systems, by disguising malicious payloads within seemingly harmless HTML and JavaScript code. By exploiting the...
TargetCompany Ransomware’s FUD Obfuscation Maneuvers
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The TargetCompany ransomware employs a combination of its proprietary variant and the BatCloak obfuscator engine, acclaimed for its full undetectability FUD capabilities. Accompanying this fusion is the...
TargetCompany Ransomware Abuses FUD Obfuscator Packers
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable FUD obfuscator engine BatCloak to infect vulnerable systems...
A look at a Magecart skimmer using the Hunter obfuscator
Threat actors are notorious for trying to hide their code in various ways, from binary packers to obfuscators. On their own, these tools are not always malicious as they can also be be used by companies or individuals who wish to keep their work safe from piracy, but overall they tend to be large...
Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data
A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the notorious North Korea-aligned Lazarus Group, new findings reveal. The payload, dubbed WinorDLL64 by ESET, is a fully-featured implant that can exfiltrate, overwrite, and delete...
AeroCMS 0.0.1 Shell Upload
AeroCMS-Unrestricted-File-Upload-POC Author: D4rkP0w4r Description = Upload web shell at Post Image in admin panel Step to Reproduct Login to admin panel - Posts - Add Posts - Post Image - upload malicious file shell.php - access /images/shell.php on url - shell.php page Exploit When upload succe...
BoobSnail - Allows Generating Excel 4.0 XLM Macro
BoobSnail allows generating XLM Excel 4.0 macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation. Features: various infection techniques; various obfuscation techniques; translation of formulas into languages other than English; can be used as a library - you can easily...
LightMe - HTTP Server Serving Obfuscated Powershell Scripts/Payloads
LightMe is a Simple HTTP Server serving Powershell Scripts/Payloads after Obfuscate them and run obfuscation as a service in backgroud in order to keep obfuscate the payloads which giving almost new obfuscated payload on each HTTP request Main Features Obfuscate all powershell files within a...
LoGiC.NET - A More Advanced Free And Open .NET Obfuscator Using Dnlib
LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works with more complex obfuscations than Goldfuscator for example. Before obfuscation After obfuscation Dependencies dnlib v3.3.2 : Restore NuGet packages and it'll work if it doesn't...
Onelinepy - Python Obfuscator To Generate One-Liners And FUD Payloads
Python Obfuscator To Generate One-Liners And FUD Payloads. Download & Run git clone https://github.com/spicesouls/onelinepy cd onelinepy chmod +x setup.sh ./setup.sh onelinepy Usage Guide | || | . | | -| | | | -| . | | | Python |||||||||| | | Obfustucator || || usage: oneline.py -h -m M -i I...
Sunburst backdoor – code overlaps with Kazuar
Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. In parallel, Volexity published an article with their analysis of related attacks, attributed to an actor named...
It’s Not the Trump Sex Tape, It’s a RAT
As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...
Obfuscator - The Program Is Designed To Obfuscate The Shellcode
The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1 XOR 2 AES The tool accepts shellcode in 4 formats. 1 base64 2 hex 3 c 4 raw Command Line Usage Usage Description ----- ----------- /f Specify the format of the shellcode base64 hex c raw /enc Specify t...
Avcleaner - C/C++ Source Obfuscator For Antivirus Bypass
C/C++ source obfuscator for antivirus bypass. Build docker build . -t avcleaner docker run -v /dev/scrt/avcleaner:/home/toto -it avcleaner bash adapt /dev/scrt/avcleaner to the path where you cloned avcleaner sudo pacman -Syu mkdir CMakeBuild && cd CMakeBuild cmake .. make -j 2 ./avcleaner.bin...
Powerob - An On-The-Fly Powershell Script Obfuscator Meant For Red Team Engagements
An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity. Installation git clone https://github.com/cwolff411/powerob Usage python3 powerob.py obfuscate originalfile.ps1 obfuscatedfile.ps1 Takes an INPUTFILE obfuscates it and dumps the obfuscated version...
Norman Cryptominer Employs Sophisticated Obfuscation Tactics
A never-before-seen cryptomining variant, dubbed “Norman” after one of its executable files, has been spotted in the wild using various techniques to hide and avoid discovery. The levels of obfuscation are notable for their sheer depth, according to an analysis. Varonis uncovered an initial sampl...
Ghostfuscator - The Python Password-Protected Obfuscator Using AES Encryption
Obfuscate python scripts making them password-protected using AES Encryption Usage Just execute the script, and follow the menu. Info Once an script is obfuscated, when running it a password asking prompt will appear, after submiting the correct password, the script will execute decrypting it's...
Cuteit v0.2.1 - IP Obfuscator Made To Make A Malicious Ip A Bit Cuter
IP obfuscator made to make a malicious ip a bit cuter A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. All of that...
IP Obfuscator - Simple Tool To Convert An IP Into Integer, Hexadecimal Or Octal Form
IP Obfuscator is a simple tool written in python to convert an IP into different obfuscated forms. This tool will help you to obfuscate host addresses into integer, hexadecimal or octal form. What is Obfuscation? "In software development, obfuscation is the deliberate act of creating source or...