Mortar is an evasion technique designed to defeat and divert detection and prevention of security products, including Antivirus (AV), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR) solutions. It provides a framework for evading detection by security products, allowing for more effective penetration testing and red teaming exercises. Mortar's evasion techniques are designed to bypass security controls, enabling testers to identify vulnerabilities and weaknesses in an organization's defenses. The tool is intended for use by authorized security professionals and penetration testers, and should only be used with proper authorization and in accordance with applicable laws and regulations. By using Mortar, security professionals can simulate real-world attacks, identify vulnerabilities, and improve the overall security posture of an organization.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A suite of tools for Wi-Fi network security assessment and penetration testing.
A command that builds and executes command lines from standard input, allowing for the execution of commands with multiple arguments.
SharpEDRChecker scans system components to detect security products and tools.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.
An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.