What is UAC? UAC (User Account Control) is a security feature, introduced from Windows 7 and onward versions of Windows. This prevents that even a local administrator account can’t execute changes to operating system, unless the user specifically chooses to. It is very common to see desktop users working with Read more…
Hot Potato Windows Privilege Escalation exploit on PowerShell Tater Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit. Credit All credit goes to @breenmachine, @foxglovesec, Google Project Zero, and anyone else that helped work out the details for this exploit. Potato – https://github.com/foxglovesec/Potato Included In Read more…
Bypass Antivirus & Exploit Windows Using PowerShell Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code on the target system. Failed attacks will cause denial of service conditions. Affected Version Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Read more…
A payload stager using PowerShell This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and some additional obfuscation. This enables the actual payload to be executed Read more…
Powershell Toolkit Collection PowerMemory: https://github.com/giMini/PowerMemory Exploit the credentials present in files and memory ReflectiveDLLInjection: https://github.com/stephenfewer/ReflectiveDLLInjection Reflective DLL injection is a library injection technique that is primarily used to perform the loading of a library from memory to host processes. The library should therefore be able to load itself by implementing Read more…
Brutal A Toolkit To Create Various HID Attacks Brutal is a simple toolkit to quickly create various payload,powershell attack , virus attack and launch listener for a Human Interface Device. It is used on a target machine without the need for human-to-keyboard interaction ( HID -ATTACK ). When you insert the Read more…
Unicorn PowerShell downgrade attack Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber’s PowerShell attacks and the PowerShell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18. Usage is simple, just run Magic Read more…
A Framework That Creates An Advanced FUD Dropper With Some Tricks Have you ever heard about trojan droppers ? In short dropper is type of trojans that downloads other malwares and Dr0p1t gives you the chance to create a dropper that bypass most AVs and have some tricks 😉 Read more…