t3l3machus / Villain

Villain is a high-level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).

. #8

Closed siddharthjain25 closed 1 year ago

t3l3machus commented 1 year ago

Sooner or later, it will get caught. The auto-obfuscate function is there to assist you, not to do the job for you. Also, the obfuscated payload variations are random; it's possible that some of the generated payloads are detectable. I made a video yesterday about manually obfuscating PowerShell; you can get some ideas of what to do to bypass AMSI -> https://www.youtube.com/watch?v=iElVfagdCD4