  • Language: Go
  • License: MIT License
A polyglot payload generator

SNOWCRASH



Introduction

SNOWCRASH creates a script that can be launched on both Linux and Windows machines. The payload selected by the user (in this case, combined Bash and PowerShell code) is embedded into a single platform-agnostic polyglot template.

There are a few payloads available, including command execution, reverse shell establishment, binary execution and some more :>

Basic usage

  1. Install dependencies: ./install.sh

  2. List available payloads: ./snowcrash --list

  3. Generate chosen payload: ./snowcrash --payload memexec --out polyglot_script

  4. Change extension of the polyglot script: mv polyglot_script polyglot_script.ps1

  5. Execute polyglot script on the target machine

Additional notes

A delay before the script runs and the payload executes can be specified as an interval (using the --sleep flag) in the form:

x[s|m|h]

where

x = Length of the interval to spend in the idle state
s = Seconds
m = Minutes
h = Hours

After generation, the extension of the generated script containing the payload can be set to either .sh or .ps1 (depending on the platform we want to target).

The generated payload can be written directly to STDOUT (instead of to a file) using the --stdout flag.
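
A defender-side check for the kind of file described above, added here as an example and not part of SNOWCRASH: it flags script content that carries both Bash-only and PowerShell-only constructs, whatever extension the file has. The marker lists, the names Classify and Verdict, and the two-marker threshold are assumptions chosen for illustration (generic language constructs, not SNOWCRASH's actual template), and the sample input is constructed.

```go
package main

import (
	"fmt"
	"regexp"
)

// Generic constructs that are routine in one shell and foreign to the other.
// Assumed markers for illustration; not taken from SNOWCRASH's template.
var bashMarkers = []*regexp.Regexp{
	regexp.MustCompile(`(?m)^#!.*\b(ba)?sh\b`),       // sh/bash shebang
	regexp.MustCompile(`(?m)^\s*(fi|done|esac)\s*$`), // block terminators
	regexp.MustCompile(`/dev/null`),                  // POSIX null device
}

var psMarkers = []*regexp.Regexp{
	regexp.MustCompile(`\b(Get|Set|New|Invoke|Start|Write)-[A-Z][A-Za-z]+`), // Verb-Noun cmdlet
	regexp.MustCompile(`(?i)\$env:`),                                       // environment drive
	regexp.MustCompile(`\[[A-Za-z.]+\]::`),                                 // .NET static call
}

// Verdict holds how many distinct markers of each family were seen.
type Verdict struct {
	Bash, PowerShell int
	Polyglot         bool
}

func hits(ms []*regexp.Regexp, s string) (n int) {
	for _, m := range ms {
		if m.MatchString(s) {
			n++
		}
	}
	return n
}

// Classify flags content only when at least two markers of each family are
// present, so a single cmdlet name in a Bash comment does not trigger it.
func Classify(script string) Verdict {
	b, p := hits(bashMarkers, script), hits(psMarkers, script)
	return Verdict{Bash: b, PowerShell: p, Polyglot: b >= 2 && p >= 2}
}

// Constructed sample: both families side by side; not a working polyglot.
const mixedSample = "#!/bin/bash\nif [ -n \"$HOME\" ]; then\n  uname -a 2>/dev/null\nfi\n" +
	"Write-Output \"windows branch\"\n$os = $env:OS\n[System.Environment]::OSVersion\n"

func main() {
	fmt.Printf("%+v\n", Classify(mixedSample)) // {Bash:3 PowerShell:3 Polyglot:true}
}
```

Because the check reads content rather than the file name, renaming a script between .sh and .ps1 does not change the verdict.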


License

This software is licensed under the MIT License.
