6 Tools For Malicious Document Creation

 



1. Lucky Strike :

         



This tool is a PowerShell-based generator of malicious .xls or .doc documents. All your payloads are saved into a database for easy retrieval and embedding into a new or existing document. Lucky Strike provides several infection methods designed to get your payloads to execute without tripping AV. The tool is meant to automate the creation of malicious payloads.

https://github.com/curi0usJack/luckystrike.git


For more info visit this blog : luckystrike-a-database-backed-evil-macro-generator



2. Office-DDE-Payloads :


This is a collection of scripts and templates for generating Office documents that embed the DDE (macro-less) command execution technique.

https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads.git


For more info visit this blog : https://posts.specterops.io/reviving-dde-using-onenote-and-excel-for-code-execution-d7226864caee


3. wePWNise :

 


This tool generates architecture-independent VBA code for use in Office documents or templates, and automates bypassing application control and exploit mitigation software. It was designed with automation and integration in mind. Installation is as simple as git clone https://github.com/mwrlabs/wePWNise.git .




https://github.com/FSecureLABS/wePWNise.git


4. MacroShop :


This is a collection of scripts to aid in delivering payloads via Office macros. Installation is as simple as git clone https://github.com/khr0x40sh/MacroShop.git

Once installed, we can see that we have a few scripts we can run :


Straight from the GitHub page, here's a summary of the different scripts



5. Macro_pack :


Macro_pack is used to automate the obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentests, demos, and social engineering assessments. Once again, installation is as simple as git clone https://github.com/sevagas/macro_pack.git

Once installed, there is a test script that you can run with python3 test/mp_test.py. It will output the results, which will look something like :





6. Worse-PDF

Worse-PDF will turn a normal PDF file into a malicious one. This can be useful for gaining the trust of your victims, especially if they would likely be expecting a legitimate PDF from you.

Installation :

git clone https://github.com/3gstudent/Worse-PDF.git

Once installed, run with python worsePDF.py <normal PDF> <Server IP> .


