.png)
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and PowerShell source code, and is developed for offensive security engagements such as Red/Purple Teams. What separates Codecepticon from other obfuscators is that it targets the source code rather than the compiled executables, and was developed specifically for AV/EDR evasion. Codecepticon allows …
Tag Archives: .NET
Nimcrypt2 : .NET, PE, And Raw Shellcode Packer/Loader Written In Nim
Nimcrypt2 is yet another PE packer/loader designed to bypass AV/EDR. It is an improvement on my original Nimcrypt project, with the main improvements being the use of direct syscalls and the ability to load regular PE files as well as raw shellcode. Before going any further, I must acknowledge those who did the VAST majority of work …
Continue reading “Nimcrypt2 : .NET, PE, And Raw Shellcode Packer/Loader Written In Nim”
LACheck : Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration
LACheck is a Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration. Arguments ./LACheck.exe help _ _ _ | | /\ / | | | || | / \ | | | |_ _ | | | | / /\ \ | | | ‘_ \ / _ \/ | |/ / | | / \ …
SharpSphere : .NET Project For Attacking vCenter
SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter. It uses the vSphere Web Services API and exposes the following functions: Command & Control – In combination with F-Secure’s C3, SharpSphere provides C&C into VMs using VMware Tools, with no direct network connectivity to …
Continue reading “SharpSphere : .NET Project For Attacking vCenter”
NashaVM : A Virtual Machine For .NET Files & Its Runtime Was Made In C++/CLI
Nasha is a Virtual Machine for .NET files and its runtime was made in C++/CLI Installation git clone https://github.com/Mrakovic-ORG/NashaVM –recurse cd NashaVM\NashaVM nuget restore msbuild Dependencies dnlib .NET Framework 4.0 Visual C++ Redistrutable Known Issues Incompatible with Linux based OS FAQ What is this project for? This project is made to protect and hide managed …
Continue reading “NashaVM : A Virtual Machine For .NET Files & Its Runtime Was Made In C++/CLI”
SharpSecDump : .Net Port Of The Remote SAM + LSA Secrets Dumping
SharpSecDump is a .Net port of the remote SAM + LSA Secrets dumping functionality of impacket’s secretsdump.py. By default runs in the context of the current user. Please only use in environments you own or have permission to test against. Usage SharpSecDump.exe -target=192.168.1.15 -u=admin -p=Password123 -d=test.local Required Flags -target – Comma seperated list of IP’s …
Continue reading “SharpSecDump : .Net Port Of The Remote SAM + LSA Secrets Dumping”
GRAT2 : Command And Control (C2) Project For Learning Purpose
GRAT2 is a Command and Control (C2) tool written in python3 and the client in .NET 4.0. The main idea came from Georgios Koumettou who initiated the project. Why we developed GRAT2 ? We are aware that there are numerous C2 tools out there but, we developed this tool due to curiosity of how C2 …
Continue reading “GRAT2 : Command And Control (C2) Project For Learning Purpose”
RedPeanut : Small RAT Developed in .Net Core 2 & Its Agent in .Net 3.5 / 4.0
RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0. RedPeanut code execution is based on shellcode generated with DonutCS. It is therefore a hybrid, although developed in .Net it does not rely solely on the Assembly.Load. This increases the detection surface, but allows us to practice …
Continue reading “RedPeanut : Small RAT Developed in .Net Core 2 & Its Agent in .Net 3.5 / 4.0”
FudgeC2 : A Collaborative C2 Framework For Purple-Teaming Written In Python3, Powershell & .NET
FudgeC2 is a campaign orientated Powershell C2 framework built on Python3/Flask – Designed for team collaboration, client interaction, campaign timelining, and usage visibility. Note: FudgeC2 is currently in alpha stage, and should be used with caution in non-test environments. Beta will be released later this year, at BlackHat Arsenal. Setup Installation To quickly install & run …
Covenant : A .NET Command & Control Framework That Aims To Highlight The Attack Surface
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. Covenant is an ASP.NET Core, cross-platform application that includes a web-based interface that allows for multi-user collaboration. Also …