SpookFlare
SpookFlare takes a different approach to bypassing security measures: it gives you the opportunity to bypass endpoint countermeasures at both client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. It has a custom encrypter with string obfuscation and run-time code compilation features, so you can bypass the countermeasures of target systems like a boss until they “learn” the technique and behavior of SpookFlare payloads.
- Obfuscation
- Runtime Code Compiling
- Source Code Encryption
- Patched Meterpreter Stage Support
___ ___ ___ ___ _ __ ___ _ _ ___ ___
/ __| _ \/ _ \ / _ \| |/ / | __| | /_\ | _ \ __|
\__ \ _/ (_) | (_) | ' < | _|| |__ / _ \| / _|
|___/_| \___/ \___/|_|\_\ |_| |____/_/ \_\_|_\___|
Version : 1.0
Author : Halil Dalabasmaz
WWW : artofpwn.com
Twitter : @hlldz
Github : @hlldz
Licence : Apache License 2.0
Note : Stay in shadows!
-------------------------------------------------------
[*] You can use "help" command for access help section.
spookflare > help
list : List payloads
generate : Generate payloads
exit : Exit from program
[!] Important: Use x86 listener for x86 payloads and x64 listener for x64 payloads otherwise the process will crash!
spookflare > list
SpookFlare can generate following payloads.
[*] Meterpreter Loader (.EXE) with Custom Encrypter and Custom Stub:
- Meterpreter Reverse HTTP x86/x64
- Meterpreter Reverse HTTPS x86/x64
Technical Details
https://artofpwn.com/spookflare.html
Usage Video
https://www.youtube.com/watch?v=p_eKKVoEl0o
Note
I developed SpookFlare and the technique for use in penetration tests and red team engagements, and it is purely educational. Please use it responsibly.