Venoma Save

Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution

Project README

Venoma



Yet another ☠️ Cobalt Strike ☠️ beacon dropper



A custom C++ raw beacon dropper with :

Compile Time API Hashing
Run-Time Dynamic Linking
PPID spoofing
DLL Unhooking (Fresh + Perun's fart)
ETW Patching
EnumPageFilesW execution
Local & remote APC Execution
Indirect syscall execution
Cobalt Strike Artifact kit integration
Self deletion


All functions are included, choose what you need and remove anything else before compiling.









Cobalt Strike artifact kit integration


> Compile the project and rename the binary to artifact64big.exe
> Add your own artifact.cna in the same folder
> Load your cna into Cobalt Strike and generate a stageless Windows payload
> Enjoy
Video tutorial here : https://www.youtube.com/watch?v=tGa3xJymEfY



What da fuck is this ?


I would learn more about antivirus evasion so I made a video on Youtube :
https://www.youtube.com/watch?v=lFO2bPzxLGI


Open Source Agenda is not affiliated with "Venoma" Project. README Source: ProcessusT/Venoma
Stars
92
Open Issues
0
Last Commit
1 month ago
Repository
ProcessusT/Venoma
Homepage
https://processus.site
Tags
Antivirus Bypass C2 Cobalt Dropper Edr Malware Payload Pentest Red Strike Team Indirect Syscalls

Open Source Agenda Badge

Open Source Agenda Rating
Submit Review Review Your Favorite Project
Submit Resource Articles, Courses, Videos
Submit Article Submit a post to our blog

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?

From the blog

Dec 11, 2022

How to Choose Which Programming Language to Learn First?