CloakifyFactory
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
As testers, we sometimes need some good, old-fashioned trial and error to get things working. Phishing is one of the attacks that commonly takes more than one attempt to get payloads and command and control (C2) working properly. This post covers how to help effectively perform payload trial and error by randomly serving payloads from one URL with Apache mod_rewrite. The technique described in this post lends itself more to a penetration test, where email phishing batches may span an entire target company, rather than a red team assessment, where email phishing is highly targeted and payload issues are painstakingly troubleshot manually. Following the steps below, we can configure an Apache redirector, or server directly, to serve a random payload from a predefined list of possible payloads with the RewriteMap - randomized plain text functionality of Apache. Apache’s RewriteMap function allows external programs, such as scripts, databases, or text files to remap requests for Apache to serve. The example commonly used in the official documentation is if a store changes from a URL structure of item-1234 to iPhone-7-white, the web administrators could use Apache to serve up iPhone-7-white when item-1234 is requested without having to change any hard coded links.
Data exfiltration & infiltration tool using text-based steganography to evade security controls.
Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.
CobaltBus enables Cobalt Strike C2 traffic via Azure Servicebus for enhanced covert operations.
Macro_Pack is a tool used to automate obfuscation and generation of Office documents for pentest, demo, and social engineering assessments.
Chameleon aids in evading proxy categorization to bypass internet filters.
A black-box obfuscation tool for Android apps with Android App Bundle support.