Creating malware and custom payloads
AV0id
Darkarmour
Empire
FatRat
Mythic C2 Framework
https://github.com/its-a-feature/Mythic
The Mythic C2 framework is an alternative to Metasploit as a command and control framework and a toolbox for unique payload generation. It is a cross-platform, post-exploit red teaming framework built with GoLang, docker, docker-compose, and a web browser UI, designed to provide a collaborative and user-friendly interface for operators, managers, and reporting throughout red teaming.
msfvenom
Nishang
Syringe
Veil
Creating malware in pdf
Metasploit provides these two modules:
- exploit/windows/fileformat/adobe_pdf_embedded_exe
- exploit/windows/fileformat/adobe_pdf_embedded_exe_nojs
Creating malware in word document
1. Craft an executable
Use Veil, for instance.
2. Convert it to a VisualBasic script - macro code
locate exe2vba
# Result: /usr/share/metasploit-framework/tools/exploit/exe2vba.rb
# Go to the folder
cd /usr/share/metasploit-framework/tools/exploit/
# Create the malicious vba script
./exe2vba.rb <first-parameter> path/to/nameOfOutputFile.vba
# first parameter: malicious executable file that will be converted to macro code. Take the path to the .exe file provided by veil
3. Create an MS Word document
4. Open a new macro and embed the macro code.
5. Copy the payload as text in the word document. If it's too long, disguise it (set font color to white).
6. Convince the victim to have macros enabled.
7. Start a listener and wait for the victim to connect.
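From the defender's side, the document produced by the steps above leaves two static indicators: an embedded VBA project, and a long block of text whose font colour is set to white (step 5). The following is an added triage example, not code from the original page or from any of the tools listed. The function names, the 200-character threshold and the in-memory sample are assumptions made for illustration, and it covers OOXML files only (it assumes the conventional `w:` namespace prefix).

```python
import io
import re
import zipfile

# A text run <w:r>...</w:r>; "<w:rPr>" does not match because "P" follows "<w:r".
RUN = re.compile(rb'<w:r(?:\s[^>]*)?>.*?</w:r>', re.S)
RUN_TEXT = re.compile(rb'<w:t(?:\s[^>]*)?>([^<]*)</w:t>')
WHITE = re.compile(rb'<w:color\b[^>]*w:val="FFFFFF"', re.I)


def triage_docx(data: bytes) -> dict:
    """Return macro and hidden-text indicators for an OOXML Word file."""
    result = {"ooxml": False, "has_vba": False, "white_text_chars": 0}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return result  # legacy OLE .doc files need an OLE parser instead
    result["ooxml"] = True
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        names = z.namelist()
        result["has_vba"] = any(n.lower().endswith("vbaproject.bin") for n in names)
        if "word/document.xml" in names:
            for run in RUN.findall(z.read("word/document.xml")):
                if WHITE.search(run):  # count characters rendered white
                    result["white_text_chars"] += sum(map(len, RUN_TEXT.findall(run)))
    return result


def is_suspicious(result: dict, min_hidden: int = 200) -> bool:
    """Flag files that combine a VBA project with a large white-text block."""
    return result["has_vba"] and result["white_text_chars"] >= min_hidden


def build_sample(with_macro: bool) -> bytes:
    """Constructed sample: a zip with Word part names, not a real document."""
    body = (b'<w:document><w:body><w:p>'
            b'<w:r><w:t>Quarterly report</w:t></w:r>'
            b'<w:r><w:rPr><w:color w:val="FFFFFF"/></w:rPr><w:t>'
            + b'A' * 400 + b'</w:t></w:r>'
            b'</w:p></w:body></w:document>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("word/document.xml", body)
        if with_macro:
            z.writestr("word/vbaProject.bin", b"placeholder, no real VBA")
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_docx(build_sample(with_macro=True)))
```

White text on its own is common in templates, so the flag is raised only when both indicators are present; a hit is a reason to quarantine the attachment and inspect the macro source, not a verdict.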
Creating malware in a Firefox addon
Use the Metasploit module exploit/multi/browser/firefox_xpi_bootstrapped_addon to generate the addon.
It will be served from SRVHOST:SRVPORT/URIPATH. This is the URL that can then be delivered in a phishing email.
Last update: 2023-07-10 Created: March 28, 2023 14:53:05