Light

mvelazc0 / defcon27_csharp_workshop Goto Github PK

View Code? Open in Web Editor NEW

1.0K 23.0 256.0 5.47 MB

Writing custom backdoor payloads with C# - Defcon 27 Workshop

C# 96.64% C++ 3.36%

csharp payloads redteam

defcon27_csharp_workshop's Introduction

Hi there 👋

I'm Mauricio. Currently, I'm a threat researcher at Splunk's Threat Research Team. My areas of focus include detection engineering, threat hunting and adversary simulation.

I (ocassionally) maintain a blog at https://medium.com/@mvelazco/.

I have presented and hosted workshops at conferences including BlackHat Arsenal, Defcon, DerbyCon, BSides, X33fcon, BruCON, Splunk .conf, SANS, MITRE ATT&CKcon, and others. Most of these can be found here: Talks-Presentations.

You can also find me on Twitter and LinkedIn.

defcon27_csharp_workshop's People

Contributors

Stargazers

Watchers

Forkers

raystyle rabx hello-xbugs kareem-mohamed my-mr-e boh gavz lhutyra attackdeveloper sunnyneo jfstewart akshayjaing fredyfx sasqwatch topotam analyticsearch h0k5 rulosan superdong0 m00zh33 johnjohnsp1 cabve ronnieflip rusev lunarobliq vuduclyunitn gracel1 askyeye modulexcite decay88 jack51706 mrcraniums fengjixuchui ducnhse130201 attackgithub imulmul steev90 jaredhaight g30rg3pak redwifiteam visionarysec bharadwajyas darkoperator atropineal un4ckn0wl3z pect0ral zzhsec jorgeliu666 greyd0g 02bx i-liberty arryboom eniac888 ggg4566 h1d3r dirtypipe sry309 lwhat beerandgin azzahrah skylning a-min3 aaq1adqwe jordanpotti thesubtlety gattacker needafuture sunlewuyou py7hagoras mrdellis mattgrandy projectzerodays redxranger shantanu561993 alibay7 miltinhoc nasa03 vdministrator ifishzz red-infosec bfuzzy1 prasad1618 d0n0x aaronleshalock reanimat0r superuser5 mmg1 ykankaya mambrui 5l1v3r1 engindemirbilek gr3yr0n1n solomonsklash halbachb protonarm-oss sn0wli0n blacksayonara mrjamiebowman-blog ashemery kevien

defcon27_csharp_workshop's Issues

defcon27_csharp_workshop + invoke-obfuscate

Hey i have tested your tool in different payloads and applications and it all went pretty well.. love your work...
so i went one step forward and i used invoke-obfuscate to obfuscate my powershell payload or script... i encoded it to base64 myself (cause its not encoded its only obfuscated)
and i put it into 2.cs "string script = 'encodedblabla' and no errors were displayed while creating and running the exe but no session was created
Like u said i did not specify the "powershell -nop -w 1 -enc ......." only the "......"

wanna say i used venom to create powershell payload and it worked :) but when tried to obfuscate it no session was created :(

if i could use your help thankx you very much :)

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.