Search the Community

Learn how to write phishing malware and harvest credentials for gaining initial access into your target's environment. This course is recommended for students with an intermediate knowledge of programming. Course: Initial Access Operations by FortyNorth (PDF + video): 01 - Introduction 02 - Dev Environment Goals 03 - Cred Harvesting 04 - Docx Remote Template Injection 05 - Code Execution 06 - Code Execution Deep Dive 07 - XLM Macros 08 - Code Protections [Hidden Content] [hide][Hidden Content]]

Are you looking for a complete Web-Based Initial Coin Offering (ICO) Platform? then you are in the right place. No need to pay thousands of dollars to hire developers to build your own ICO Website. ICOLab is a complete Online Initial Coin Offering solution, that gives a user-friendly experience to users and an easily manageable environment with proper benefits to admin. Its easily installable, controllable through the admin panel, comes with a responsive design, high security, interactive User interface. support plugins, LiveChat, automatic payment gateway, instant active token, and more. [Hidden Content] [hide][Hidden Content]]

Mystikal Mystikal is a macOS payload generator integrated with Mythic. Mystikal leverages Mythic scripting to log in and creates the necessary payload for the selected initial access method. Mystikal creates an Apfell or Leviathan payload depending on the chosen initial access method. A common payload used for initial access is the installer package. These packages are eXtensible ARchiver (XAR) archives that conform to a specific folder structure and have a .pkg file extension. The easy comparison to Windows would be Windows installers which typically have the .msi file extension. As with Windows installers, installer packages execution typically results in an install wizard presented to the end-user for installation. For offensive use, typical installer package execution relies upon preinstall and postinstall scripts, which are simple bash scripts that execute during the installation process. An alternative method depends upon the abuse of JavaScript within distribution Extensible Markup Language (XML) files using InstallerJS. Apple’s InstallerJS is an Application Programming Interface (API) leveraged in distribution XML files to perform installation checks. Within the InstallerJS API is the system.run tag, which can execute system commands. The Silver Sparrow malware recently used this method. By abusing the distribution XML file, attackers can perform the same tasks typically within preinstall / postinstall scripts. The benefit of this method is that it makes it slightly harder to see what actions the installer package is performing. Additionally, due to the invocation time of the distribution XML file, the installer package does not need to finish the installation process for execution to occur. Changelog v2.2.13 Merge pull request #107 from its-a-feature/2.2-updates added in a few more pages for the new ui, updated mythic-cli to include… [hide][Hidden Content]]

Mystikal is a macOS payload generator integrated with Mythic. Mystikal leverages Mythic scripting to log in and creates the necessary payload for the selected initial access method. Mystikal creates an Apfell or Leviathan payload depending on the chosen initial access method. A common payload used for initial access is the installer package. These packages are eXtensible ARchiver (XAR) archives that conform to a specific folder structure and have a .pkg file extension. The easy comparison to Windows would be Windows installers which typically have the .msi file extension. As with Windows installers, installer packages execution typically results in an install wizard presented to the end-user for installation. For offensive use, typical installer package execution relies upon preinstall and postinstall scripts, which are simple bash scripts that execute during the installation process. An alternative method depends upon the abuse of JavaScript within distribution Extensible Markup Language (XML) files using InstallerJS. Apple’s InstallerJS is an Application Programming Interface (API) leveraged in distribution XML files to perform installation checks. Within the InstallerJS API is the system.run tag, which can execute system commands. The Silver Sparrow malware recently used this method. By abusing the distribution XML file, attackers can perform the same tasks typically within preinstall / postinstall scripts. The benefit of this method is that it makes it slightly harder to see what actions the installer package is performing. Additionally, due to the invocation time of the distribution XML file, the installer package does not need to finish the installation process for execution to occur. [hide][Hidden Content]]