Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ OffensivePipeline - Allows You To Download And Build C# Tools, Applying Certain Modifications In Order To Improve Their Evasion For Red Team Exercises

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š OffensivePipeline - Allows You To Download And Build C# Tools, Applying Certain Modifications In Order To Improve Their Evasion For Red Team Exercises


๐Ÿ’ก Newskategorie: IT Security Nachrichten
๐Ÿ”— Quelle: kitploit.com


OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
A common use of OffensivePipeline is to download a tool from a Git repository, randomise certain values in the project, build it, obfuscate the resulting binary and generate a shellcode.


Features

  • Currently only supports C# (.Net Framework) projects
  • Allows to clone public and private (you will need credentials :D) git repositories
  • Allows to work with local folders
  • Randomizes project GUIDs
  • Randomizes application information contained in AssemblyInfo
  • Builds C# projects
  • Obfuscates generated binaries
  • Generates shellcodes from binaries
  • There are 79 tools parameterised in YML templates (not all of them may work :D)
  • New tools can be added using YML templates
  • It should be easy to add new plugins...

What's new in version 2.0

  • Almost complete code rewrite (new bugs?)
  • Cloning from private repositories possible (authentication via GitHub authToken)
  • Possibility to copy a local folder instead of cloning from a remote repository
  • New module to generate shellcodes with Donut
  • New module to randomize GUIDs of applications
  • New module to randomize the AssemblyInfo of each application
  • 60 new tools added

Examples

  • List all tools:
OffensivePipeline.exe list
  • Build all tools:
OffensivePipeline.exe all
  • Build a tool
OffensivePipeline.exe t toolName
  • Clean cloned and build tools
OffensivePipeline.exe 

Output example

PS C:\OffensivePipeline> .\OffensivePipeline.exe t rubeus

ooo
.osooooM M
___ __ __ _ ____ _ _ _ +y. M M
/ _ \ / _|/ _| ___ _ __ ___(_)_ _____| _ \(_)_ __ ___| (_)_ __ ___ :h .yoooMoM
| | | | |_| |_ / _ \ '_ \/ __| \ \ / / _ \ |_) | | '_ \ / _ \ | | '_ \ / _ \ oo oo
| |_| | _| _| __/ | | \__ \ |\ V / __/ __/| | |_) | __/ | | | | | __/ oo oo
\___/|_| |_| \___|_| |_|___/_| \_/ \___|_| |_| .__/ \___|_|_|_| |_|\___| oo oo
|_| MoMoooy. h:
M M .y+
M Mooooso.
ooo

@aetsu
v2.0.0


[+] Loading tool: Rubeus
Clonnig repository: Rubeus into C:\OffensivePipeline\Git\Rubeus
Repository Rubeus cloned into C:\OffensivePipeline\Git\Rubeus

[+] Load RandomGuid module
Searching GUIDs...
> C:\OffensivePipeline\Git\Rubeus\Rubeus.sln
> C:\OffensivePipeline\Git\Rubeus\Rubeus\Rubeus.csproj
> C:\OffensivePipeline\Git\Rubeus\Rubeus\Properties\AssemblyInfo.cs
Replacing GUIDs...
File C:\OffensivePipeline\Git\Rubeus\Rubeus.sln:
> Replacing GUID 658C8B7F-3664-4A95-9572-A3E5871DFC06 with 3bd82351-ac9a-4403-b1e7-9660e698d286
> Replacing GUID FAE04EC0-301F-11D3-BF4B-00C04F79EFBC with 619876c2-5a8b-4c48-93c3-f87ca520ac5e
> Replacing GUID 658c8b7f-3664-4a95-9572-a3e5871dfc06 with 11e0084e-937f-46d7-83b5-38a496bf278a
[+] No errors!
File C:\OffensivePipeline\Git\Rubeus\Rubeus\Rubeus.csproj:
> Replacing GUID 658C8B7F-3664-4A95-9572-A3E5871DFC06 with 3bd82351-ac9a-4403-b1e7-9660e698d286
> Replacing GUID FAE04EC0-301F-11D3-BF4B-00C04F79EFBC with 619876c2-5a8b-4c48-93c3-f87ca520ac5e
> Replacing GUID 658c8b7f-3664-4a95-9572-a3e5871dfc06 with 11e0084e-937f-46d7-83b5-38a496bf278a
[+] No errors!
File C:\OffensivePipeline\Git\Rubeus\Rubeus\Properties\AssemblyInfo.cs:
> Replacing GUID 658C8B7F-3664-4A95-9572-A3E5871DFC06 with 3bd82351-ac9a-4403-b1e7-9660e698d286
> Replacing GUID FAE04EC0-301F-11D3-BF4B-00C04F79EFBC with 619876c2-5a8b-4c48-93c3-f87ca520ac5e
> Replacing GUID 658c8b7f-3664-4a95-9572-a3e5871dfc06 with 11e0084e-937f-46d7-83b5-38a496bf278a
[+] No errors!


[+] Load RandomAssemblyInfo module
Replacing strings in C:\OffensivePipeline\Git\Rubeus\Rubeus\Properties\AssemblyInfo.cs
[assembly: AssemblyTitle("Rubeus")] -> [assembly: AssemblyTitle("g4ef3fvphre")]
[assembly: AssemblyDescription("")] -> [assembly: AssemblyDescription("")]
[assembly: AssemblyConfiguration("")] -> [assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("")] -> [assembly: AssemblyCompany("")]
[assembly: AssemblyProduc t("Rubeus")] -> [assembly: AssemblyProduct("g4ef3fvphre")]
[assembly: AssemblyCopyright("Copyright ยฉ 2018")] -> [assembly: AssemblyCopyright("Copyright ยฉ 2018")]
[assembly: AssemblyTrademark("")] -> [assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")] -> [assembly: AssemblyCulture("")]


[+] Load BuildCsharp module
[+] Checking requirements...
[*] Downloading nuget.exe from https://dist.nuget.org/win-x86-commandline/latest/nuget.exe
[+] Download OK - nuget.exe
[+] Path found - C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\Common7\Tools\VsDevCmd.bat
Solving dependences with nuget...
Building solution...
[+] No errors!
[+] Output folder: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud


[+] Load ConfuserEx module
[+] Checking requirements...
[+] Downloading ConfuserEx from https://github.com/mkaring/ConfuserEx/releases/download/v1.6.0/ConfuserEx-CLI.zip
[+] Download OK - ConfuserEx
Confusing...
[+] No errors!


[+] Load Donut module
Generating shellcode...

Payload options:
Domain: RMM6XFC3
Runtime:v4.0.30319

Raw Payload: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud\ConfuserEx\Donut\Rubeus.bin
B64 Payload: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud\ConfuserEx\Donut\Rubeus.bin.b64

[+] No errors!


[+] Generating Sha256 hashes
Output file: C:\OffensivePipeline\Output\Rubeus_vh00nc50xud


-----------------------------------------------------------------
SUMMARY

- Rubeus
- RandomGuid: OK
- RandomAssemblyInfo: OK
- BuildCsharp: OK
- ConfuserEx: OK
- Donut: OK

-----------------------------------------------------------------

Plugins

  • RandomGuid: randomise the GUID in .sln, .csproj and AssemblyInfo.cs files
  • RandomAssemblyInfo: randomise the values defined in AssemblyInfo.cs
  • BuildCsharp: build c# project
  • ConfuserEx: obfuscate c# tools
  • Donut: use Donut to generate shellcodes. The shellcode generated is without parameters, in future releases this may be changed.

Add a tool from a remote git

The scripts for downloading the tools are in the Tools folder in yml format. New tools can be added by creating new yml files with the following format:

  • Rubeus.yml file:
tool:
- name: Rubeus
description: Rubeus is a C# toolset for raw Kerberos interaction and abuses
gitLink: https://github.com/GhostPack/Rubeus
solutionPath: Rubeus\Rubeus.sln
language: c#
plugins: RandomGuid, RandomAssemblyInfo, BuildCsharp, ConfuserEx, Donut
authUser:
authToken:

Where:

  • Name: name of the tool
  • Description: tool description
  • GitLink: link from git to clone
  • SolutionPath: solution (sln file) path
  • Language: language used (currently only c# is supported)
  • Plugins: plugins to use on this tool build process
  • AuthUser: user name from github (not used for public repositories)
  • AuthToken: auth token from github (not used for public repositories)

Add a tool from a private git

tool:
- name: SharpHound3-Custom
description: C# Rewrite of the BloodHound Ingestor
gitLink: https://github.com/aaaaaaa/SharpHound3-Custom
solutionPath: SharpHound3-Custom\SharpHound3.sln
language: c#
plugins: RandomGuid, RandomAssemblyInfo, BuildCsharp, ConfuserEx, Donut
authUser: aaaaaaa
authToken: abcdefghijklmnopqrsthtnf

Where:

  • Name: name of the tool
  • Description: tool description
  • GitLink: link from git to clone
  • SolutionPath: solution (sln file) path
  • Language: language used (currently only c# is supported)
  • Plugins: plugins to user on this tool build process
  • AuthUser: user name from GitHub
  • AuthToken: auth token from GitHub (documented at GitHub: creating a personal access token)

Add a tool from local git folder

tool:
- name: SeatbeltLocal
description: Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
gitLink: C:\Users\alpha\Desktop\SeatbeltLocal
solutionPath: SeatbeltLocal\Seatbelt.sln
language: c#
plugins: RandomGuid, RandomAssemblyInfo, BuildCsharp, ConfuserEx, Donut
authUser:
authToken:

Where:

  • Name: name of the tool
  • Description: tool description
  • GitLink: path where the tool is located
  • SolutionPath: solution (sln file) path
  • Language: language used (currently only c# is supported)
  • Plugins: plugins to user on this tool build process
  • AuthUser: user name from github (not used for local repositories)
  • AuthToken: auth token from github (not used for local repositories)

Requirements for the release version (Visual Studio 2019/2022 is not required)

In the OffensivePipeline.dll.config file it's possible to change the version of the build tools used.

  • Build Tools 2019:
<add key="BuildCSharpTools" value="C:\Program Files (x86)\Microsoft Visual Studio\2019\BuildTools\Common7\Tools\VsDevCmd.bat"/>
  • Build Tools 2022:
<add key="BuildCSharpTools" value="C:\Program Files (x86)\Microsoft Visual Studio\2022\BuildTools\Common7\Tools\VsDevCmd.bat"/>

Requirements for build

Credits

Supported tools



...



๐Ÿ“Œ OffensivePipeline - Tool To Download, Compile (Without Visual Studio) And Obfuscate C# Tools For Red Team Exercises


๐Ÿ“ˆ 81.17 Punkte

๐Ÿ“Œ Bluetooth stack modifications to improve audio quality on headphones without AAC, aptX, or LDAC codecs


๐Ÿ“ˆ 35.25 Punkte

๐Ÿ“Œ 20 Critical Security Controls: Control 20 โ€“ Penetration Tests and Red Team Exercises


๐Ÿ“ˆ 33.73 Punkte

๐Ÿ“Œ SafeBreach Studio enables security teams to automate and scale red-team exercises


๐Ÿ“ˆ 33.73 Punkte

๐Ÿ“Œ How do you remember certain commands and their arcane flags, if you do not use them regularly?


๐Ÿ“ˆ 33.69 Punkte

๐Ÿ“Œ Python AV Evasion Tool - Generate (Almost) FUD Payload | Phantom Evasion | Kali Linux 208.2


๐Ÿ“ˆ 32.56 Punkte

๐Ÿ“Œ Evasive Maneuvers: Trends in Phishing Evasion & Anti-Evasion


๐Ÿ“ˆ 32.56 Punkte

๐Ÿ“Œ How do Red Team Exercises help CISO to Validate the Security Controls Effectively?


๐Ÿ“ˆ 31.83 Punkte

๐Ÿ“Œ Why red team exercises for AI should be on a CISO's radar


๐Ÿ“ˆ 31.83 Punkte

๐Ÿ“Œ Reducing Burnout and Increasing SOC Retention: How Leaders Can Improve Their Employeesโ€™ Lives and Improve Security


๐Ÿ“ˆ 30.57 Punkte

๐Ÿ“Œ FIN7 APT Hackers Released New Hacking Tools in Their Malware Arsenal to Evasion AV Detection


๐Ÿ“ˆ 29.88 Punkte

๐Ÿ“Œ Linear Algebra for Data Science: Understanding and Applying Vectors, Matrices and their Operations using Numpy


๐Ÿ“ˆ 29.87 Punkte

๐Ÿ“Œ SimSpace SkillWise provides team-based development exercises and training


๐Ÿ“ˆ 29.5 Punkte

๐Ÿ“Œ Applying Machine Learning to Improve Your Intrusion Detection System


๐Ÿ“ˆ 28.22 Punkte

๐Ÿ“Œ Applying Machine Learning to Improve Your Intrusion Detection System


๐Ÿ“ˆ 28.22 Punkte

๐Ÿ“Œ Applying MinDiff to Improve Model Fairness


๐Ÿ“ˆ 28.22 Punkte

๐Ÿ“Œ Improve Microservices Security by Applying Zero-Trust Principles


๐Ÿ“ˆ 28.22 Punkte

๐Ÿ“Œ Cyber Attack Tabletop Exercises: Tools and Resources


๐Ÿ“ˆ 28.15 Punkte

๐Ÿ“Œ Linux Red Team Defense Evasion Techniques - Hiding Linux Processes


๐Ÿ“ˆ 27.98 Punkte

๐Ÿ“Œ Top 4 Tips for Purple Team Exercises


๐Ÿ“ˆ 27.6 Punkte

๐Ÿ“Œ Top 4 Tips for Purple Team Exercises


๐Ÿ“ˆ 27.6 Punkte

๐Ÿ“Œ RangeForce Introduces New Version of Cloud-based Security Team Readiness Threat Exercises


๐Ÿ“ˆ 27.6 Punkte

๐Ÿ“Œ [papers] Sony PlayStation Vita 3.65 / 3.67 / 3.68 - 'h-encore' kernel and user modifications


๐Ÿ“ˆ 27.52 Punkte

๐Ÿ“Œ Sony PlayStation Vita 3.65 / 3.67 / 3.68 h-encore Kernel And User Modifications


๐Ÿ“ˆ 27.52 Punkte

๐Ÿ“Œ Red Team v. Blue Team? They Are In Fact One โ€“ The Purple Team


๐Ÿ“ˆ 26.62 Punkte











matomo