itsMe Posted January 3, 2023 Share Posted January 3, 2023 This is the hidden content, please Sign In or Sign Up geacon_pro is an Anti-Virus bypassing CobaltStrike Beacon written in Golang based on the geacon project. geacon_pro supports CobaltStrike version 4.1+ geacon_pro has implemented most functions of Beacon. The core of bypassing Anti-Virus can be reflected in three aspects: There is no CobaltStrike Beacon feature. Viruses written in Golang can bypass the detection of antivirus software to a certain extent. Some dangerous functions which can be easily detected by antivirus software has been changed to more stealthy implementations. Functions Windows platform: sleep, shell, upload, download, exit, cd, pwd, file_browse, ps, kill, getuid, mkdir, rm, cp, mv, run, execute, drives, powershell-import, powershell, execute-assembly, Multiple thread injection methods (you can replace the source code yourself), inject, shinject, dllinject, pipe, Various CobaltStrike native reflection dll injection (mimikatz, portscan, screenshot, keylogger, etc.), steal_token, rev2self, make_token, getprivs, proxy, delete self, timestomp, etc. Supports reflectiveDll, execute-assembly, powershell, powerpick, upload and execute, and other functions of cna custom plugins. Linux, Mac platform: sleep, shell, upload, download, exit, cd, pwd, file_browse, ps, kill, getuid, mkdir, rm, cp, mv, delete self, etc. Process management and file management support graphical interaction. This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts