AceLdr
CarbonCopy
| | AceLdr | CarbonCopy |
|---|---|---|
| Mentions | 2 | 3 |
| Stars | 824 | 1,245 |
| Growth | - | - |
| Activity | 1.4 | 0.0 |
| Last Commit | 10 days ago | over 3 years ago |
| Language | C | Python |
| License | MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AceLdr
-
Red team engagement help!
But I do always heavily recommend writing a custom DLL loader for your payloads. And with CS, make sure you're using a custom reflective loader. Something like AceLDR https://github.com/kyleavery/AceLdr
- AceLdr: Cobalt Strike UDRL for memory scanner evasion.
CarbonCopy
-
Red team engagement help!
Funny enough, I've had some luck with fake-signing exes. https://github.com/paranoidninja/CarbonCopy It's a little old so your mileage might vary (I honestly haven't used it in a year or so), but in a pinch I've fake signed with the microsoft.com public cert and it bypassed AV and EDR tools.
-
Awesome Penetration Testing
CarbonCopy - Tool that creates a spoofed certificate of any online website and signs an Executable for AV evasion.
-
Fully Bypassing the 3060 Ti LHR Mode
According to the documentation: "The only way to enable this mode is by loading microcode that has been signed by NVIDIA." Using the method popularized by Matt Graeber, a fake signature might be able to be generated and malicious microcode made to perform this action. It would allow flashing a run-of-the-mill BIOS to the card and simply deleting the LHR BIOS, as well as disabling the secret handshake.
What are some alternatives?
Limelighter - A tool for generating fake code signing certificates or signing real ones
iodine - Official git repo for iodine dns tunnel
NSGenCS - Extendable payload obfuscation and delivery framework
Freeze - Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
SigThief - Stealing Signatures and Making One Invalid Signature at a Time
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
ScareCrow - ScareCrow - Payload creation framework designed around EDR bypass.
lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Cppcheck - static analysis of C/C++ code
SQLMap - Automatic SQL injection and database takeover tool