
Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution

Primary language: C++

Venoma



Yet another ☠️ Cobalt Strike ☠️ beacon dropper



A custom C++ raw beacon dropper with:

Compile Time API Hashing
Run-Time Dynamic Linking
PPID spoofing
DLL Unhooking (Fresh + Perun's fart)
ETW Patching
EnumPageFilesW execution
Local & remote APC Execution
Indirect syscall execution
Cobalt Strike Artifact kit integration
Self deletion


All functions are included; choose what you need and remove everything else before compiling.









Cobalt Strike artifact kit integration


> Compile the project and rename the binary to artifact64big.exe
> Add your own artifact.cna in the same folder
> Load your cna into Cobalt Strike and generate a stageless Windows payload
> Enjoy
Video tutorial here: https://www.youtube.com/watch?v=tGa3xJymEfY



What da fuck is this?


I would learn more about antivirus evasion, so I made a video on YouTube:
https://www.youtube.com/watch?v=lFO2bPzxLGI