Forwarded from BugCod3
ghost is a light RAT that gives the server/attacker full remote access to the user's command-line interpreter (cmd.exe). They are allowed to execute commands silently without the client/zombie noticing. The server/attacker is also given the ability to download and execute files on the client/zombie's computer. This is also a silent and hidden process. Like most Remote Access Trojans, this download and execution ability helps distribute viruses and other pieces of malware.
This malware is distributed simply by running zombie.exe. This file name can be changed to whatever. There is no restriction. When run, it searches for the first two arguments (IP & Port). If neither is provided, the program doesn't run. With that being said, make sure you provide the server's IP and Port in the command-line arguments. Example:
zombie.exe 127.0.0.1 27015
BugCod3#Rat #Malware #Remote #Access
Please open Telegram to view this post
VIEW IN TELEGRAM
👌2👍1
Forwarded from APT
⚙️ MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
🔗 https://github.com/Xre0uS/MultiDump
#lsass #remote #cpp #python
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
🔗 https://github.com/Xre0uS/MultiDump
#lsass #remote #cpp #python
👍5🥰1