Locked Xeca: creates encrypted PowerShell payloads for offensive purposes

By itsMe
July 24, 2020 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted July 24, 2020

- Share

Posted July 24, 2020

This is the hidden content, please

xeca

xeca is a project that creates encrypted PowerShell payloads for offensive purposes.

Creating position independent shellcode from DLL files is also possible.

How It Works

    Identify and encrypt the payload. Load encrypted payload into a powershell script and save to a file named “launch.txt”
    The key to decrypt the payload is saved to a file named “safe.txt”
    Execute “launch.txt” on a remote host
        The script will call back to the attacker defined web server to retrieve the decryption key “safe.txt”
        Decrypt the payload in memory
        Execute the intended payload in memory

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- SharpOD x64 (A_AntiDebug Plugin. Support for x64dbg)
  
  By itsMe, December 5, 2021
  - for
  - support
  - (and 5 more)
    
    Tagged with:
    
    for
    
    support
    
    plugin.
    
    (a_antidebug
    
    x64
    
    sharpod
    
    x64dbg)
  - 0 replies
  - 1,648 views
- How to sniff API of android aps For making configs
  
  By itsMe, May 20, 2021
  - making
  - for
  - (and 6 more)
    
    Tagged with:
    
    making
    
    for
    
    aps
    
    android
    
    api
    
    sniff
    
    how
    
    configs
  - 0 replies
  - 246 views
- How To Make Simple APP Config(API) In OPENBULLET Using Fiddler
  
  By itsMe, March 24, 2023
  - easiest
  - configs
  - (and 8 more)
    
    Tagged with:
    
    easiest
    
    configs
    
    openbullet
    
    api
    
    android
    
    making
    
    for
    
    setup
    
    how
    
    method
  - 0 replies
  - 499 views
- TweakNow WinSecret Plus! for Windows 11 and 10 4.6.0
  
  By itsMe, April 27, 2023
  - tweaknow
  - winsecret
  - (and 5 more)
    
    Tagged with:
    
    tweaknow
    
    winsecret
    
    plus!
    
    for
    
    windows
    
    and
    
    4.6.0
  - 0 replies
  - 281 views
- Free Python for Data Science
  
  By dEEpEst, April 25, 2023
  - free
  - python
  - (and 3 more)
    
    Tagged with:
    
    free
    
    python
    
    for
    
    data
    
    science
  - 0 replies
  - 218 views

Sign In

Locked Xeca: creates encrypted PowerShell payloads for offensive purposes

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

SharpOD x64 (A_AntiDebug Plugin. Support for x64dbg)

How to sniff API of android aps For making configs

How To Make Simple APP Config(API) In OPENBULLET Using Fiddler

TweakNow WinSecret Plus! for Windows 11 and 10 4.6.0

Free Python for Data Science

Browse

Activity

Store

Important Information