XLM (Excel 4.0) Macro Generator for Phishing Campaigns

tl;dr EXCELntDonut takes C# source code as an input, converts it into shellcode, and generates an XLM (Excel 4.0) macro that will inject the

Continue Reading
Screenshooter: The Beacon Screenshot Savior

A C# tool to screenshot user's desktop(s) complete with multiple checks. Will work with Cobalt Strike's Execute-Assembly. Best name we could think of since SharpShooter

Continue Reading
Quick Guide to Security Headers - Part One

A month ago, we finished a series of six web application assessments for local and regional banks. In addition to common web vulnerabilities, like SQLi, we

Continue Reading
Remotely Host MSBuild Payloads

tl;dr Separate your C# payload from a MSBuild XML file and host it remotely on a WebDav server. Red teams and attackers frequently repurpose MSBuild,

Continue Reading
EyeWitness - Potential Modifications

This is the second post in relation to the new .Net implementation of EyeWitness and it will cover a few things that you should possibly do

Continue Reading