Monday, 5 September 2022

Browser Exploit vs Kernel Level Rootkit.

I have been working on a new exploit kit that drops a priv esc/UAC bypass and then tries to insert a kernel-level rootkit into the Windows kernel.

The ring0 rootkit injects into any browser using APC.

It injects a DLL and then tries to talk back to the C2.



DEMO --> https://www.youtube.com/watch?v=k7QueVMjHKo&ab_channel=Claes

Wednesday, 10 August 2022

N|Pegasus - RED TEAM OPERATIONS SUITE (goes fileless)

 

I am using C/C++/PowerShell and C# to make my agent fileless.

You can see in the image that I am using the VNC/HVNC function from a PowerShell process.



Wednesday, 16 March 2022

Metasploit behind fast-flux


I built a small fast-flux network on my home LAN and put Metasploit behind it with a reverse shell, and it works great.

Sunday, 13 March 2022

Stealth Metasploit loader (Elite Loader)

 


The rootkit injects a DLL into ring3 software, then executes the shellcode in that process.

It then unloads itself.

The shellcode uses XOR encoding.


demo --> https://www.youtube.com/watch?v=bAdRg7QI22s