Magic Unicorn Attack Vector v2.3.3

Magic Unicorn Attack Vector v2.3.3

Changelog v2.3.3:
* most AVs were flagging on -enc instead of -EncodedCommand along with base64 would flag windows defender.. looks like this gets around it on both macro and standard ps1/encoded command params.

unicorn v2.3.3

unicorn v2.3.3

Unicorn is a PowerShell injection tool utilizing Matthew Graebers attack and expanded to automatically downgrade the process if a 64 bit platform is detected. This is useful in order to ensure that we can deliver a payload with just one set of shellcode instructions. This will work on any version of Windows with PowerShell installed. Simply copy and paste the output and wait for the shells.

Requirements:
+ Metasploit Framework

Attack Options:
+ POWERSHELL ATTACK INSTRUCTIONS
+ MACRO ATTACK INSTRUCTIONS
+ HTA ATTACK INSTRUCTIONS
+ CERUTIL Attack Instruction
+ Custom PS1 Attack Instructions

Usage:

Download : Master.zip | Clone Url
Source: TrustSec  | https://www.trustedsec.com/ | Our Post Before