Venoma
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
<div align="center">
<br>
<a href="https://twitter.com/intent/follow?screen_name=ProcessusT" title="Follow"><img src="https://img.shields.io/twitter/follow/ProcessusT?label=ProcessusT&style=social"></a>
<br>
<h1>Yet another ☠️ Cobalt Strike ☠️ beacon dropper</h1>
<br><br>
</div>
<h4>All functions are included; choose what you need and remove anything else before compiling.</h4>
<br>
<div align="center">
<img src="https://github.com/ProcessusT/Venoma/raw/main/assets/bypass2.png" width="100%;"><br>
<img src="https://github.com/ProcessusT/Venoma/raw/main/assets/demo.jpg" width="100%;"><br>
<img src="https://github.com/ProcessusT/Venoma/raw/main/assets/IAT%20obfuscation.jpg" width="100%;"><br>
<img src="https://github.com/ProcessusT/Venoma/raw/main/assets/strings.jpg" width="100%;"><br />
</div>
<br>
A custom C++ raw beacon dropper with:<br /><br />
<strong>Compile Time API Hashing</strong><br />
<strong>Run-Time Dynamic Linking</strong><br />
<strong>PPID spoofing</strong><br />
<strong>DLL Unhooking (Fresh + Perun's fart)</strong><br />
<strong>ETW Patching</strong><br />
<strong>EnumPageFilesW execution</strong><br />
<strong>Local & remote APC Execution</strong><br />
<strong>Indirect syscall execution</strong><br />
<strong>Cobalt Strike Artifact kit integration</strong><br />
<strong>Self deletion</strong><br />
<br />
Cobalt Strike artifact kit integration
<br />
> Compile the project and rename the binary to artifact64big.exe<br />
> Add your own artifact.cna in the same folder<br />
> Load your cna into Cobalt Strike and generate a stageless Windows payload<br />
> Enjoy<br />
Video tutorial here: <a href="https://youtu.be/lFO2bPzxLGI?si=RmvFmliroacXW6Sk">https://www.youtube.com/watch?v=tGa3xJymEfY</a><br /><br />
