all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

LightsOut - Generate An Obfuscated DLL That Will Disable AMSI And ETW

Add to bookmarks
Nov. 19, 2023, 11:30 a.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


LightsOut will generate an obfuscated DLL that will disable AMSI & ETW while trying to evade AV. This is done by randomizing all WinAPI functions used, xor encoding strings, and utilizing basic sandbox checks. Mingw-w64 is used to compile the obfuscated C code into a DLL that can be loaded into any process where AMSI or ETW are present (i.e. PowerShell).

LightsOut is designed to work on Linux systems with python3 and mingw-w64 installed. No other dependencies are required.


Features …

obfuscated code patching powershell python3 sandbox scripts

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

JAW - A Graph-based Security Analysis Framework For Client-side JavaScript 21 hours ago | www.kitploit.com
client-side jaw property graph static analysis +3
Linux-Smart-Enumeration - Linux Enumeration Tool For Pentesting And CTFs With Verbosity Levels 1 day, 9 hours ago | www.kitploit.com
ctfs hackthebox linux enumeration linux-smart-enumeration +3
ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory 2 days, 21 hours ago | www.kitploit.com
Invoke-SessionHunter - Retrieve And Display Information About Active User Sessions On Remote Computers (No Admin … 3 days, 21 hours ago | www.kitploit.com
credentials invoke-sessionhunter localhost registry +1
Subhunter - A Fast Subdomain Takeover Tool 4 days, 21 hours ago | www.kitploit.com
bugbounty bug bounty tools pentesting security tools +3
Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework 5 days, 8 hours ago | www.kitploit.com
hakuin injection metadata mssql +6
BypassFuzzer - Fuzz 401/403/404 Pages For Bypasses 6 days, 21 hours ago | www.kitploit.com
403 bypass 403 forbidden bugbounty bypassfuzzer +5
PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads 1 week ago | www.kitploit.com
firewall bypass fud rat hacking tools penetration testing +3
LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line 1 week, 1 day ago | www.kitploit.com
call clear command command line +15

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Security Operations Vice President - Content Developer

@ JPMorgan Chase & Co. | Jersey City, NJ, United States
View on infosec-jobs.com

Computer and Forensics Investigator

@ ManTech | 221BQ - Cstmr Site,Springfield,VA
View on infosec-jobs.com

Senior Security Analyst

@ Oracle | United States
View on infosec-jobs.com