Hacking

6 Tools For Malicious Document Creation

Liferacer333
by Liferacer333 October 21, 2020

 



1. Lucky Strike :

         



    This tool is a Powershell based generator of malicious .xls or .doc documents. All your payloads are saved into a database for easy retrieval & embedding into a new or existing document. Lucky Strike provides you several infection methods designed to get your payloads to execute without tripping AV. This tool is meant to automatic the creation of malicious payloads.

https://github.com/curi0usJack/luckystrike.git


For more info visit this blog : luckystrike-a-database-backed-evil-macro-generator



2. Office-DDE-Payloads :


This is a collection of scripts and templates to generate office documents embedded with the DDE, macro-less command execution technique.

https://github.com/0xdeadbeefJERKY/Office-DDE-Payloads.git


For more info Visit this blog : https://posts.specterops.io/reviving-dde-using-onenote-and-excel-for-code-execution-d7226864caee


3. wePWNise :

 


This tool generates architecture independent VBA code to be used in office documents or templates and automates bypassing application control and exploit mitigation software. It was designed with automation and integration in mind. Installation as simple as git clone https://github.com/mwrlabs/wePWNise.git . 




https://github.com/FSecureLABS/wePWNise.git


4. MacroShop :


  This is a collection of scripts to aid in delivering payloads via Office Macros. Installation is as simple as git clone https://github.com/khr0x40sh/MacroShop.git

Once installed we can see that we have a few scripts we can run :


Straight from the github page, here's a summary of the different scripts



5. Macro_pack :


        Macro_pack is used to automatize obfuscation and generation of office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. Once again, installation is as simple as git clone https://github.com/sevagas/macro_pack.git 

Once installed, they have a test script that you can run with python3 test/mp_test.py It will output the results which will look something like :





6. Worse-PDF

Worse-pdf will turn normal PDF file into a malicious one. This can be useful for gaining the trust of your victims. Especially if they would likely be expecting a legitimate PDF from you.

Installation :

git clone https://github.com/3gstudent/Worse-PDF.git

Once installed, run with python worsePDF.py <normal PDF> <Server IP> .



Post a Comment

0 Comments