GhostDelivery : .VBS Script To Deliver Payload With Persistence

GhostDelivery is a python script to generate obfuscated .vbs script that delivers payload (payload dropper) with persistence and windows antivirus disabling functions.

Heavy

Downloads payload to TEMP directory and executes payload to bypass windows smart screen. Disables Defender,

UAC/user account control, Defender Notifications, injects/creates Command Prompt and Microsoft Edge shortcuts with payload path (%TEMP%/payload.exe) to execute payload when opened, adds a scheduled task called “WindowsDefender” for payload to be run at login and obfuscates the vbs delivery script.

GhostDelivery has a serveo function to deliver obfuscated vbs script.

Also Read – VTHunting : A Tiny Script Used to Generate Report About Virus Total Hunting

Medium

The medium option only delivers/executes payload, creates a scheduled task named “WindowsDefender” to run payload at login for persistence, disables UAC and injects/creates Command Prompt and Microsoft Edge shortcuts with payload path.

Light

The light option only delivers/executes payload, creates a scheduled task named “WindowsDefender” to run payload at login for persistence and injects/creates Command Prompt and Microsoft Edge shortcuts with payload path. Prerequisites/requirements:

*Python 2.7, Modules imported in script. (random, sys, string, os, time, base64)

R K

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

15 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

17 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

19 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

19 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

19 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

2 days ago