ATTACKIFY





Simulate numerous exploit techniques used by attackers and malware to inject into processes, elevate privileges or impersonate users. Modules are designed to emulate core functionality without potentially damaging systems.

Exploit Modules

ATTACKIFY has a number of exploit modules that have been designed to run as safely as possible within environments. Exploit modules include privilege escalation, process injection and various anti-malware bypass techniques. The modules are designed to execute on an endpoint in a safe way that allows security teams to discover malicious behaviour, suspicious processes and potential shortfalls of currently deployed security products.

Some of the modules in ATTACKIFY include:

  • NTLM Authentication Bypass
  • Privilege Escalation Attacks
  • Process Injection - QueueUserAPC, SetThreadContext & CreateRemoteThread
  • AMSI Bypass Attacks
  • PowerShell Empire Exploits and Techniques
  • Named Pipe Impersonation
  • Generic Drive-By

Great care is taken to test modules in multiple scenarios and configurations, but running them in a production setting will always come with a warning, so maybe don't do production (:

Related Modules

Ransomware

Select from a number of modules to simulate ransomware behaviour on endpoints and communication over networks.


Execution

Attackers are always finding new methods to bypass execution prevention controls, allowing them to execute code or commands without raising alerts or generating logs.


Phishing

Phishing or spearphishing is usually the first approach by which adversaries attempt to gain initial access to an organization's environment.
