Decoded PowerShell script that performs a C2 connection. The script decodes and executes commands received from a C2 server by using the R64Decoder function.
credit : @whichbuffer
This tool was used by an APT to target @bellingcat.
https://gist.github.com/whichbuffer/22621545f9f5a1d946affd34f6659e64
#c2 , #powershell , #tool
PingRAT: secretly passes C2 traffic through firewalls using ICMP payloads
https://github.com/umutcamliyurt/PingRAT
#c2 , #tool , #go
———
@islemolecule_source
PSRansom: a PowerShell Ransomware Simulator with C2 Server capabilities.
https://github.com/JoelGMSec/PSRansom
#c2 , #powershell , #simulat , #tool
———
Azure AD Security Config Analyzer (AADSCA)
https://github.com/Cloud-Architekt/AzureAD-Attack-Defense/blob/main/AADSecurityConfigAnalyzer.md
Credit: Thomas Naunheim, Sami Lamppu & Markus Pitkäranta
#MicrosoftAzure #shiftavenue , #tool
———
Amazing tool for anyone interested in mobile & malware security…
Kaspersky has released iShutdown, a collection of Python scripts that can detect various strains of iOS #spyware, such as #Pegasus, #Predator, and #Reign.
https://github.com/KasperskyLab/iShutdown
#tool
———
Quick Assembler source code released
Simple (experimental) x86/x86 assembler and emulator.
https://github.com/zodiacon/QuickAsm
#tool
———
Download data from the internet bypassing the firewall using process injection
https://github.com/redeflesq/firewall-bypass
#tool
———
Deluder - Python tool that intercepts network communications by injecting into binaries with Frida.
credit : Warxim
https://github.com/Warxim/deluder?tab=readme-ov-file
#tool
———
netext: a WinDbg extension for data mining the managed heap. It also includes commands to list HTTP requests, WCF services, and WIF tokens, among others.
https://github.com/rodneyviana/netext
#tool
———
pspy is a command line tool designed to snoop on processes without need for root permissions. It allows you to see commands run by other users, cron jobs, etc. as they execute.
https://github.com/DominicBreuker/pspy
#tool