[SUGGESTION] Document possible detections
sundhaug92 opened this issue · 1 comments
sundhaug92 commented
If a payload requires executing, by the host, a file either from the internet or the BashBunny, or storing such a file on the host, the README for the payload should document it, as well as a description of the file and a link to VirusTotal. Note, this should include not only binaries but also scripts, such as .ps1 files (for example due to AMSI).
For example:
| File | Path | Description | VirusTotal |
|---|---|---|---|
| Mimikatz | ./mimikatz.exe | Mimikatz binary, used for automated password backups | https://www.virustotal.com/en/file/c3c336a23021b68b026bdf1642b220d88037039aa6d7f8e7d4d576cc38063088/analysis/1470356182/ |
This could help avoid issues pointed out by @hak5darren on Hak5 2305.
X0R1972 commented
Friend, are you serious, VirusTotal!!!! What's the point of creating such a fantastic tool!!! Please stay away from all antivirus companies...