Evilreg : Reverse Shell Using Windows Registry Files (.reg)

Evilreg is a reverse shell using Windows Registry files (.reg)

Features

Reverse TCP Port Forwarding using Ngrok.io

Requirements

  • Ngrok Authtoken (for TCP Tunneling): Sign up at: https://ngrok.com/signup
  • Your authtoken is available on your dashboard: https://dashboard.ngrok.com
  • Install your auhtoken: ./ngrok authtoken <YOUR_AUTHTOKEN>
  • Target must reboot/re-login after installing the .reg file

Also Read – CatchYou : FUD Win32 Msfvenom Payload Generator

Usage

git clone https://github.com/thelinuxchoice/evilreg
cd evilreg
bash evilreg.sh

Disclaimer

Usage of Evilreg for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Download
R K

Share
Published by
R K
Tags: EvilregReverse ShellwindowsWindows Registry Files
6 years ago

Recent Posts

How to Prevent Software Supply Chain Attacks

What is a Software Supply Chain Attack? A software supply chain attack occurs when a…

2 days ago

How UDP Works and Why It Is So Fast

When people ask how UDP works, the simplest answer is this: UDP sends data quickly…

2 weeks ago

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

2 weeks ago

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

2 weeks ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

2 weeks ago

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

2 weeks ago