_word-vba-inject-shellcode-and-bypass-antivirus-using-macropack-pro.jpg "Word VBA inject shellcode and bypass antivirus using MacroPack Pro from vba new line in email Video Screenshot Preview")
GalleryPlay Video:
(Note: The default playback of the video is HD VERSION. If your browser is buffering the video slowly, please play the REGULAR MP4 VERSION or Open The Video below for better experience. Thank you!)
⏲ Duration: 80 sec
✓ Published: 22-Nov-2021
✓ Published: 22-Nov-2021
Description:
This video shows how to generate a malicious Word document which launches a raw shellcode on a machine where Kaspersky AV is running.n(in this case a simple calc spawning shellcode generated with msfvenom) nnThis video was uploaded in the context of a blog post concerning MacroPack Pro shellcode features (http://blog.sevagas.com/?Launch-shellcodes-and-bypass-AV-using-MacroPack-Pro-VBA-payloads)nnIn the video we first have a look at the various shellcode injection methods usingnmacro_pack.exe --l
This video shows how to generate a malicious Word document which launches a raw shellcode on a machine where Kaspersky AV is running.n(in this case a simple calc spawning shellcode generated with msfvenom) nnThis video was uploaded in the context of a blog post concerning MacroPack Pro shellcode features (http://blog.sevagas.com/?Launch-shellcodes-and-bypass-AV-using-MacroPack-Pro-VBA-payloads)nnIn the video we first have a look at the various shellcode injection methods usingnmacro_pack.exe --l
Share with your friends:
Whatsapp | Viber | Telegram | Line | SMS
Email | Twitter | Reddit | Tumblr | Pinterest
Related Videos
_bypass-amsi-in-excel-macro-using-macropack-pro.webp "This video shows one of the multiple ways MacroPack pro can be used to bypass AMSInIn this case, the payload is loading a raw shellcode running calc and generated with mvfvenom.nThis payload or any document running this payload is considered malicious by default.nnIn the video I first show that the obfuscated payload is detected by Windows defender AMSI nnThis first payload is generated with:necho x32calc.bin | macro_pack.exe -t SHELLCODE -o -G samplessc.xls n(-o option means the payload is obfu")
_excel-tip-add-line-breaks-in-body-of-mailto-hyperlink-function.webp "greggowaffles")
_send-mail-from-excel-via-outlook.webp "Excel Macro Mania")
_send-fully-dynamic-emails-from-excel-with-a-single-formula-124-no-vba-required.webp "Leila Gharani")
⏲ 8 minutes 53 seconds 👁 627K
_vba-to-automate-sending-email-from-excel-table-with-attachment-from-folder.webp "Chester Tugwell")
⏲ 17 minutes 25 seconds 👁 57.4K
_generate-empire-word-and-hta-payloads-bypassing-windows-defender-with-macropack-pro.webp "In this video, we generate two payloads to demonstrate MacroPack Pro AV bypass capacities.nFirst we trojan an existing document (the MP Pro user manual) with an Empire stagernnHere is the command line used to generate the Word payload: nmacro_pack.exe -f stager.cmd --bypass -t EMPIRE -T")
⏲ 1 min 24 sec ✓ 22-Nov-2021
_excel-vba-send-excel-tables-via-outlook-emails.webp "WanQi")
Related Video Searches
Back to Search
Search Videos
Recent Searches
×
(Note: The default playback of the video is HD VERSION. If your browser is buffering the video slowly, please play the REGULAR MP4 VERSION or Open The Video below for better experience. Thank you!)
_bypass-amsi-in-excel-macro-using-macropack-pro.jpg)
_excel-tip-add-line-breaks-in-body-of-mailto-hyperlink-function.jpg)
_send-mail-from-excel-via-outlook.jpg)
_send-fully-dynamic-emails-from-excel-with-a-single-formula-124-no-vba-required.jpg)
_vba-to-automate-sending-email-from-excel-table-with-attachment-from-folder.jpg)
_generate-empire-word-and-hta-payloads-bypassing-windows-defender-with-macropack-pro.jpg)
_excel-vba-send-excel-tables-via-outlook-emails.jpg)
❮❯
1 / 9
2 / 9
Play Video: (Note: The default playback of the video is HD VERSION. If your browser is buffering the video slowly, please play the REGULAR MP4 VERSION or Open The Video below for better experience. Thank you!)
3 / 9
4 / 9
5 / 9
6 / 9
7 / 9
8 / 9
9 / 9
![[+]](/images/menu.gif){kind=small}