Light

ct-cn / kaiser Goto Github PK

View Code? Open in Web Editor NEW

This project forked from ntraiseharderror/kaiser

0.0 0.0 0.0 2.25 MB

Fileless persistence, attacks and anti-forensic capabilties.

C 91.71% PowerShell 8.29%

kaiser's Introduction

Kaiser

File-less persistence, attacks and anti-forensic capabilities (Windows 7 32-bit).

NOTE: This project was NOT designed to evade AV detection.

Related paper: https://github.com/NtRaiseHardError/NtRaiseHardError.github.io/blob/master/_posts/2018-12-06-Anti-forensic-Malware-and-File-less-Malware.md

This project is discontinued.

How to Build/Use:

Compile Kaiser.dll in Release mode
Upload Kaiser.dll such that it can be directly downloaded as a raw binary
Update the BuildKaiser.ps1 script to include the URL for Kaiser.dll
Run BuildKaiser.ps1 to build the Payload.ps1 script
Upload the Payload.ps1 script such that it can be directly downloaded as raw text
Update the BuildKaiser.ps1 script to include the URL of Payload.ps1
Run BuildKaiser.ps1 to build the Installer.ps1 script
Run the Installer.ps1 script with administrative privileges on the target machine

Known bugs:

Threaded XxxNetSend sends will buffer (reason unknown)
PurgeXxx functions are not guaranteed to work (perhaps this is because it uses ShellExecuteEx
More?

TODO

CommandPrintStatus to print the status of Kaiser?
Convert functions in firewall.c to WinAPI
[OPTIONAL] Make C2 connection loop until established
Convert Functions in registry.c to WinAPI
Send debugging warnings/errors back to C2
Make PurgeProcessMonitor asynchronous (IWbemServices::ExecNotificationQueryAsync)

kaiser's People

Contributors

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.