This repository has been archived by the owner on Aug 18, 2023. It is now read-only.

v5.0

@Tylous Tylous released this 20 Apr 17:54
· 3 commits to main since this release
a2b9238

New Features


  • Removed the binary mode template
  • Rebuilt the loader and structure files to be more modular
  • Introduced 4 shellcode templates -Exec that can be used for any type (.exe, .cpl, .dll, .js)
  • Added 2 new encryption methods (RC4 and LZMA)
  • Introduced -encryptionmode command line argument to choose either RC4, LZMA, or AES encryption for the Shellcode
  • Added -obfu command line argument to toggle the -literals flag on Garble
  • Removed IoC for Garble for certain well-known Anti-Malware products
  • Added additional unhook technique KnownDlls
  • Added -Evasion command line argument to choose the type of EDR unhooking technique
  • Added Remote ETW patching for process injection mode
  • Added random extensions for Wscript side-loading
  • Added -clone command line argument to clone a certificate from a file
  • Updated it to be compatible with Go versions 1.19.1 and up

Bug Fixes


  • With the new binary templates, issues with Mythic C2 shellcode should be fixed
  • Fixed IoC with base64 encoding on compiled DLLs
  • Removed IoCs related to some Anti-Malware products
  • Updated help menu & README