An Application Whitelisting Bypass Tool
git clone http://ift.tt/2vUhimw
The first screen you’ll see is this menu.
Select the payload you wish to generate by name or its number, help for help, and menu at any time to get back here.
For single payload generation you will find the follwing with with values pointing to your C&C to fill out.
These can be set using set variable value syntax
Or by entering variable name/# itself, which gives more hints about the expected value
help gives more info as well
\n because I hate markdown
Once the correct values have been set generate to build your payload.
The payload (shellcode.xml in this case) appears in the root directory.
The devs should fix this so you can specify an output folder, but they are lazy.
For network testing purposes use generateAll from the inital menu
The bottom values are those which are common to multiple payloads. This lets you easily set your C&C values for all the payloads.
When it’s all set generate and you’ll find your payloads in ./GenerateAll/
A script to automatically execute each payload is pending (eta 2034).
For now, drop the folder onto the representative box, execute payloads one by one, and note which are blocked, which generate alerts, and which make it through undisturbed.
The post GreatSCT: generate application white list bypasses appeared first on Penetration Testing.