From 70dda5aec7977c51421b029eda83f8896bd69c0a Mon Sep 17 00:00:00 2001 
From: emtuls Date: Fri, 12 Apr 2024 09:05:55 -0400 Subject: [PATCH] Convert all Github Helpers to Zip Helper --- .../adconnectdump.vm/adconnectdump.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/asreproast.vm/asreproast.vm.nuspec | 4 +- .../asreproast.vm/tools/chocolateyinstall.ps1 | 2 +- .../bloodhound-custom-queries.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/c3.vm/c3.vm.nuspec | 4 +- packages/c3.vm/tools/chocolateyinstall.ps1 | 2 +- packages/certify.vm/certify.vm.nuspec | 4 +- .../certify.vm/tools/chocolateyinstall.ps1 | 2 +- packages/common.vm/common.vm.nuspec | 2 +- .../common.vm/tools/vm.common/vm.common.psm1 | 37 ------------------- packages/covenant.vm/covenant.vm.nuspec | 4 +- .../covenant.vm/tools/chocolateyinstall.ps1 | 2 +- packages/credninja.vm/credninja.vm.nuspec | 4 +- .../credninja.vm/tools/chocolateyinstall.ps1 | 2 +- .../dotnettojscript.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/dumpert.vm/dumpert.vm.nuspec | 4 +- .../dumpert.vm/tools/chocolateyinstall.ps1 | 2 +- packages/evilclippy.vm/evilclippy.vm.nuspec | 4 +- .../evilclippy.vm/tools/chocolateyinstall.ps1 | 2 +- packages/fuzzdb.vm/fuzzdb.vm.nuspec | 4 +- .../fuzzdb.vm/tools/chocolateyinstall.ps1 | 2 +- .../gadgettojscript.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../invokedosfuscation.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../invokeobfuscation.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/keethief.vm/keethief.vm.nuspec | 4 +- .../keethief.vm/tools/chocolateyinstall.ps1 | 2 +- .../malware-jail.vm/malware-jail.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/microburst.vm/microburst.vm.nuspec | 4 +- .../microburst.vm/tools/chocolateyinstall.ps1 | 2 +- packages/nanodump.vm/nanodump.vm.nuspec | 4 +- .../nanodump.vm/tools/chocolateyinstall.ps1 | 2 +- .../outflank-c2-tool-collection.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../payloadsallthethings.vm.nuspec | 
4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/petitpotam.vm/petitpotam.vm.nuspec | 4 +- .../petitpotam.vm/tools/chocolateyinstall.ps1 | 2 +- .../pkg-unpacker.vm/pkg-unpacker.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/powermad.vm/powermad.vm.nuspec | 4 +- .../powermad.vm/tools/chocolateyinstall.ps1 | 2 +- packages/powersploit.vm/powersploit.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/powerupsql.vm/powerupsql.vm.nuspec | 4 +- .../powerupsql.vm/tools/chocolateyinstall.ps1 | 2 +- packages/powerzure.vm/powerzure.vm.nuspec | 4 +- .../powerzure.vm/tools/chocolateyinstall.ps1 | 2 +- .../routesixtysink.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/rubeus.vm/rubeus.vm.nuspec | 4 +- .../rubeus.vm/tools/chocolateyinstall.ps1 | 2 +- packages/safetykatz.vm/safetykatz.vm.nuspec | 4 +- .../safetykatz.vm/tools/chocolateyinstall.ps1 | 2 +- packages/seatbelt.vm/seatbelt.vm.nuspec | 4 +- .../seatbelt.vm/tools/chocolateyinstall.ps1 | 2 +- packages/seclists.vm/seclists.vm.nuspec | 4 +- .../seclists.vm/tools/chocolateyinstall.ps1 | 2 +- packages/sharpdpapi.vm/sharpdpapi.vm.nuspec | 4 +- .../sharpdpapi.vm/tools/chocolateyinstall.ps1 | 2 +- packages/sharpdump.vm/sharpdump.vm.nuspec | 4 +- .../sharpdump.vm/tools/chocolateyinstall.ps1 | 2 +- packages/sharpexec.vm/sharpexec.vm.nuspec | 4 +- .../sharpexec.vm/tools/chocolateyinstall.ps1 | 2 +- .../sharpsecdump.vm/sharpsecdump.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/sharpup.vm/sharpup.vm.nuspec | 4 +- .../sharpup.vm/tools/chocolateyinstall.ps1 | 2 +- packages/sharpview.vm/sharpview.vm.nuspec | 4 +- .../sharpview.vm/tools/chocolateyinstall.ps1 | 2 +- packages/sharpwmi.vm/sharpwmi.vm.nuspec | 4 +- .../sharpwmi.vm/tools/chocolateyinstall.ps1 | 2 +- .../situational-awareness-bof.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- packages/spoolsample.vm/spoolsample.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- 
.../statistically-likely-usernames.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../stracciatella.vm/stracciatella.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../syswhispers2.vm/syswhispers2.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../syswhispers3.vm/syswhispers3.vm.nuspec | 4 +- .../tools/chocolateyinstall.ps1 | 2 +- .../tools/chocolateyinstall.ps1 | 2 +- .../trustedsec-remote-ops-bof.vm.nuspec | 4 +- .../unhook-bof.vm/tools/chocolateyinstall.ps1 | 2 +- packages/unhook-bof.vm/unhook-bof.vm.nuspec | 4 +- .../whisker.vm/tools/chocolateyinstall.ps1 | 2 +- packages/whisker.vm/whisker.vm.nuspec | 4 +- 96 files changed, 142 insertions(+), 179 deletions(-) diff --git a/packages/adconnectdump.vm/adconnectdump.vm.nuspec b/packages/adconnectdump.vm/adconnectdump.vm.nuspec index eac7f4078..1f7187d88 100644 --- a/packages/adconnectdump.vm/adconnectdump.vm.nuspec +++ b/packages/adconnectdump.vm/adconnectdump.vm.nuspec @@ -2,11 +2,11 @@ adconnectdump.vm - 0.0.0.20240411 + 0.0.0.20240412 fox-it This toolkit offers several ways to extract and decrypt stored Azure AD and Active Directory credentials from Azure AD Connect servers. - + diff --git a/packages/adconnectdump.vm/tools/chocolateyinstall.ps1 b/packages/adconnectdump.vm/tools/chocolateyinstall.ps1 index 0b95fcaca..55ce23079 100644 --- a/packages/adconnectdump.vm/tools/chocolateyinstall.ps1 +++ b/packages/adconnectdump.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/fox-it/adconnectdump/archive/3ff6ebe7afac83263dd41 $zipSha256 = '6f36659f4d0ef7e20ddea0d7c17f36786c2fa8ca0728e6fd790f3234f408e0e9' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true 
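Review bot: The new call `VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true` no longer runs inside the try/catch that the removed `VM-Install-Raw-GitHub-Repo` wrapper provided. Whether a failed download or a SHA-256 mismatch is still reported through `VM-Write-Log-Exception` now depends entirely on `VM-Install-From-Zip`, whose body is not part of this patch, so please confirm it logs and fails the install on its own. The wrapper also returned only element `[0]` of the result, while the direct call writes the helper's whole return value to the install output when nothing captures it. If that output is unwanted, use `$null = VM-Install-From-Zip ...`. The same applies to every other one-line call-site conversion in this patch (asreproast, bloodhound-custom-queries, c3, certify and the rest).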
diff --git a/packages/asreproast.vm/asreproast.vm.nuspec b/packages/asreproast.vm/asreproast.vm.nuspec index ecb0a5110..38acfd418 100644 --- a/packages/asreproast.vm/asreproast.vm.nuspec +++ b/packages/asreproast.vm/asreproast.vm.nuspec @@ -2,11 +2,11 @@ asreproast.vm - 0.0.0.20240411 + 0.0.0.20240412 HarmJ0y Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled. - + diff --git a/packages/asreproast.vm/tools/chocolateyinstall.ps1 b/packages/asreproast.vm/tools/chocolateyinstall.ps1 index 60f153fcb..45208f7ad 100644 --- a/packages/asreproast.vm/tools/chocolateyinstall.ps1 +++ b/packages/asreproast.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://codeload.github.com/HarmJ0y/ASREPRoast/zip/1c94ef12038df1378f $zipSha256 = '3e90bb0755f9076e74ad749a188ad99b9dc11f197d4366a8eaa4f056953e4cab' $powershellCommand = "Import-Module .\ASREPRoast.ps1; Get-Help Invoke-ASREPRoast" -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand diff --git a/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec b/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec index 1dda9bdda..23dba4d42 100644 --- a/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec +++ b/packages/bloodhound-custom-queries.vm/bloodhound-custom-queries.vm.nuspec @@ -2,11 +2,11 @@ bloodhound-custom-queries.vm - 0.0.0.20240411 + 0.0.0.20240412 hausec Custom Query list for the Bloodhound GUI based off my cheatsheet - + diff --git a/packages/bloodhound-custom-queries.vm/tools/chocolateyinstall.ps1 b/packages/bloodhound-custom-queries.vm/tools/chocolateyinstall.ps1 index 56665036d..5544ecc34 100644 --- a/packages/bloodhound-custom-queries.vm/tools/chocolateyinstall.ps1 
+++ b/packages/bloodhound-custom-queries.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/hausec/Bloodhound-Custom-Queries/archive/7ef909966 $zipSha256 = '78a71b9797506200b4c86bdad6799ba8c3519171353ce329dff5ff4fc703ddb0' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/c3.vm/c3.vm.nuspec b/packages/c3.vm/c3.vm.nuspec index e7f712d34..0fa9ab68c 100644 --- a/packages/c3.vm/c3.vm.nuspec +++ b/packages/c3.vm/c3.vm.nuspec @@ -2,11 +2,11 @@ c3.vm - 0.0.0.20240411 + 0.0.0.20240412 WithSecureLabs C3 (Custom Command and Control) is a tool that allows Red Teams to rapidly develop and utilise esoteric command and control channels (C2). It's a framework that extends other red team tooling, such as the commercial Cobalt Strike (CS) product via ExternalC2. - + diff --git a/packages/c3.vm/tools/chocolateyinstall.ps1 b/packages/c3.vm/tools/chocolateyinstall.ps1 index 9508dbf1a..bcf634dbc 100644 --- a/packages/c3.vm/tools/chocolateyinstall.ps1 +++ b/packages/c3.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/WithSecureLabs/C3/archive/e1b9922d199e45e222001a3a $zipSha256 = '8dd29ed32c2a38312b617c430ff84019da8bd434e3704b778f031aaa859c4e8e' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/certify.vm/certify.vm.nuspec b/packages/certify.vm/certify.vm.nuspec index 4c52aac77..00eac13a2 100644 --- a/packages/certify.vm/certify.vm.nuspec +++ b/packages/certify.vm/certify.vm.nuspec 
@@ -2,11 +2,11 @@ certify.vm - 1.1.0.20240411 + 1.1.0.20240412 HarmJ0y, leechristensen Certify is a C# tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). - + diff --git a/packages/certify.vm/tools/chocolateyinstall.ps1 b/packages/certify.vm/tools/chocolateyinstall.ps1 index b5fc9427b..8ecbb0f19 100644 --- a/packages/certify.vm/tools/chocolateyinstall.ps1 +++ b/packages/certify.vm/tools/chocolateyinstall.ps1 @@ -7,4 +7,4 @@ $category = 'Exploitation' $zipUrl = 'https://github.com/GhostPack/Certify/archive/fb297ad30476cfdba745b9062171cd7ac145a16d.zip' $zipSha256 = '4827485203eb08271e953bbd5816e95bf8b0b897ae0937c798525afe7ed5b9e0' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/common.vm/common.vm.nuspec b/packages/common.vm/common.vm.nuspec index b916e3621..6a0f9e812 100755 --- a/packages/common.vm/common.vm.nuspec +++ b/packages/common.vm/common.vm.nuspec @@ -2,7 +2,7 @@ common.vm - 0.0.0.20240411 + 0.0.0.20240412 Common libraries for VM-packages Mandiant diff --git a/packages/common.vm/tools/vm.common/vm.common.psm1 b/packages/common.vm/tools/vm.common/vm.common.psm1 index 5c3c10a2f..b0de005a3 100755 --- a/packages/common.vm/tools/vm.common/vm.common.psm1 +++ b/packages/common.vm/tools/vm.common/vm.common.psm1 
@@ -198,43 +198,6 @@ function VM-New-Install-Log { return $outputFile } -# This functions returns $toolDir -function VM-Install-Raw-GitHub-Repo { - [CmdletBinding()] - Param - ( - [Parameter(Mandatory=$true, Position=0)] - [string] $toolName, - [Parameter(Mandatory=$true, Position=1)] - [string] $category, - [Parameter(Mandatory=$true, Position=2)] - [string] $zipUrl, - [Parameter(Mandatory=$true, Position=3)] - [string] $zipSha256, - [Parameter(Mandatory=$false)] - [bool] $innerFolder=$false, # Subfolder in zip with the app files - [Parameter(Mandatory=$false)] - [string] $executableName = "", # Executable name, needed if different from "$toolName.exe" - [Parameter(Mandatory=$false)] - [switch] $withoutBinFile, # Tool should not be installed as a bin file - # Examples: - # $powershellCommand = "Get-Content README.md" - # $powershellCommand = "Import-Module module.ps1; Get-Help Main-Function" - [Parameter(Mandatory=$false)] - [string] $powershellCommand - ) - try { - if ($withoutBinFile) { - $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -withoutBinFile -powershellCommand $powershellCommand)[0] - } else { - $toolDir = (VM-Install-From-Zip -toolName $toolName -category $category -zipUrl $zipUrl -zipSha256 $zipSha256 -innerFolder $innerFolder -executableName $executableName -powershellCommand $powershellCommand)[0] - } - return $toolDir - } catch { - VM-Write-Log-Exception $_ - } -} - function VM-Install-Shortcut{ [CmdletBinding()] Param diff --git a/packages/covenant.vm/covenant.vm.nuspec b/packages/covenant.vm/covenant.vm.nuspec index 4c83c65f6..16cd539aa 100644 --- a/packages/covenant.vm/covenant.vm.nuspec +++ b/packages/covenant.vm/covenant.vm.nuspec 
@@ -2,11 +2,11 @@ covenant.vm - 0.0.0.20240411 + 0.0.0.20240412 cobbr Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. - + diff --git a/packages/covenant.vm/tools/chocolateyinstall.ps1 b/packages/covenant.vm/tools/chocolateyinstall.ps1 index cbc500ddc..5915c5ed1 100644 --- a/packages/covenant.vm/tools/chocolateyinstall.ps1 +++ b/packages/covenant.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/cobbr/Covenant/archive/5decc3ccfab04e6e881ed00c9de $zipSha256 = '53f532e350b7a43b0dab8e21a5298587b9a2f498c46bed77d443dea32525b525' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/credninja.vm/credninja.vm.nuspec b/packages/credninja.vm/credninja.vm.nuspec index 6e2e4f8c2..13e7b82b3 100644 --- a/packages/credninja.vm/credninja.vm.nuspec +++ b/packages/credninja.vm/credninja.vm.nuspec @@ -2,11 +2,11 @@ credninja.vm - 2.3.0.20240411 + 2.3.0.20240412 raikiasec This tool will tell you if the credentials you dumped are valid on the domain, and if you have local administrator access to a host. - + diff --git a/packages/credninja.vm/tools/chocolateyinstall.ps1 b/packages/credninja.vm/tools/chocolateyinstall.ps1 index 3d8ace26a..19b0ac3b9 100644 --- a/packages/credninja.vm/tools/chocolateyinstall.ps1 +++ b/packages/credninja.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/Raikia/CredNinja/archive/4a13f297851cd6fe88017288e $zipSha256 = '35b7dfae877c08bd9e50a5b9406eead0687b460db9428b9fe22130cc47b1ec10' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec b/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec index 8a33f49ab..89a59d3fb 100644 --- a/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec +++ b/packages/dotnettojscript.vm/dotnettojscript.vm.nuspec @@ -2,11 +2,11 @@ dotnettojscript.vm - 0.0.0.20240411 + 0.0.0.20240412 James Forshaw A tool to generate a JScript which bootstraps an arbitrary .NET Assembly and class. - + diff --git a/packages/dotnettojscript.vm/tools/chocolateyinstall.ps1 b/packages/dotnettojscript.vm/tools/chocolateyinstall.ps1 index 2c3656c25..d39d0d467 100644 --- a/packages/dotnettojscript.vm/tools/chocolateyinstall.ps1 +++ b/packages/dotnettojscript.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/tyranid/DotNetToJScript/archive/4dbe155912186f9574 $zipSha256 = '12566bdfced108fafba97548c59c07be55988beb1c1e970e62bf40ddaebc4a0a' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/dumpert.vm/dumpert.vm.nuspec b/packages/dumpert.vm/dumpert.vm.nuspec index 86122eb84..f4d0b7461 100644 --- a/packages/dumpert.vm/dumpert.vm.nuspec +++ b/packages/dumpert.vm/dumpert.vm.nuspec 
@@ -2,11 +2,11 @@ dumpert.vm - 0.0.0.20240411 + 0.0.0.20240412 outflank This tool demonstrates the use of direct System Calls and API unhooking and combines these techniques in a proof of concept code which can be used to create a LSASS memory dump using Cobalt Strike. - + diff --git a/packages/dumpert.vm/tools/chocolateyinstall.ps1 b/packages/dumpert.vm/tools/chocolateyinstall.ps1 index 4a19d227f..691a514a2 100644 --- a/packages/dumpert.vm/tools/chocolateyinstall.ps1 +++ b/packages/dumpert.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/outflanknl/Dumpert/archive/8000ca4c585b0fc317cee69 $zipSha256 = '1ffbf3332db29e834c779008586c386ebbf1ca21e5c081ae6bba1a033d937bec' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/evilclippy.vm/evilclippy.vm.nuspec b/packages/evilclippy.vm/evilclippy.vm.nuspec index ed2a07a97..c830013f8 100644 --- a/packages/evilclippy.vm/evilclippy.vm.nuspec +++ b/packages/evilclippy.vm/evilclippy.vm.nuspec @@ -2,11 +2,11 @@ evilclippy.vm - 1.3.0.20240411 + 1.3.0.20240412 outflank A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. - + diff --git a/packages/evilclippy.vm/tools/chocolateyinstall.ps1 b/packages/evilclippy.vm/tools/chocolateyinstall.ps1 index 5eeb0fa50..c796b9b71 100644 --- a/packages/evilclippy.vm/tools/chocolateyinstall.ps1 +++ b/packages/evilclippy.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/outflanknl/EvilClippy/archive/refs/tags/v1.3.zip' $zipSha256 = '6ff1633de0ce8b99d5cf59a3e3cddf1960d4e7410d1441fd86940db42a7785a7' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/fuzzdb.vm/fuzzdb.vm.nuspec b/packages/fuzzdb.vm/fuzzdb.vm.nuspec index 97d66ec78..1a62ad572 100644 --- a/packages/fuzzdb.vm/fuzzdb.vm.nuspec +++ b/packages/fuzzdb.vm/fuzzdb.vm.nuspec @@ -2,11 +2,11 @@ fuzzdb.vm - 0.0.0.20240411 + 0.0.0.20240412 fuzzdb-project FuzzDB is the most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses. - + diff --git a/packages/fuzzdb.vm/tools/chocolateyinstall.ps1 b/packages/fuzzdb.vm/tools/chocolateyinstall.ps1 index 594b2b8b4..c18e5edc6 100644 --- a/packages/fuzzdb.vm/tools/chocolateyinstall.ps1 +++ b/packages/fuzzdb.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/fuzzdb-project/fuzzdb/archive/5656ab25dc6bb43bae32 $zipSha256 = 'b732136975be06f71e8c8cfa6923a6dfba028b7f8c4cfa21c6280ef5b74aa1fa' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec b/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec index d7d2df42b..fec9b99d6 100644 --- a/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec +++ b/packages/gadgettojscript.vm/gadgettojscript.vm.nuspec 
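Review bot: The archive URL in the evilclippy hunk's header context, `https://github.com/outflanknl/EvilClippy/archive/refs/tags/v1.3.zip`, points at a tag, whereas the other packages in this patch download a commit-hash archive. A tag can be re-pointed upstream. `$zipSha256` should make a changed archive fail the install rather than install different code, assuming `VM-Install-From-Zip` enforces the hash, which is not visible here. Pinning the URL to the commit behind v1.3 (`.../archive/<commit-sha>.zip`, placeholder) would keep the download reproducible and consistent with the rest. The URL line is context, not part of the changed line.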
@@ -2,11 +2,11 @@ gadgettojscript.vm - 2.0.0.20240411 + 2.0.0.20240412 med0x2e A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA scripts. - + diff --git a/packages/gadgettojscript.vm/tools/chocolateyinstall.ps1 b/packages/gadgettojscript.vm/tools/chocolateyinstall.ps1 index 0fd236627..c6465d4b3 100644 --- a/packages/gadgettojscript.vm/tools/chocolateyinstall.ps1 +++ b/packages/gadgettojscript.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/med0x2e/GadgetToJScript/archive/98f50984015c29eecb $zipSha256 = '093451115744beec90e7de4efc61857361b56d16a3a31d78182a8c7ef675938b' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec b/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec index 462a6e854..d3fac4584 100644 --- a/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec +++ b/packages/invokedosfuscation.vm/invokedosfuscation.vm.nuspec @@ -2,11 +2,11 @@ invokedosfuscation.vm - 1.0.0.20240411 + 1.0.0.20240412 danielbohannon Invoke-DOSfuscation is a PowerShell v2.0+ compatible cmd.exe command obfuscation framework. - + diff --git a/packages/invokedosfuscation.vm/tools/chocolateyinstall.ps1 b/packages/invokedosfuscation.vm/tools/chocolateyinstall.ps1 index cbd52c086..ea9e9c52f 100644 --- a/packages/invokedosfuscation.vm/tools/chocolateyinstall.ps1 +++ b/packages/invokedosfuscation.vm/tools/chocolateyinstall.ps1 
@@ -9,4 +9,4 @@ $zipSha256 = '60b78094731fc8f54333193e840cb847ac4018c6ca1ccc36c107cda533016791' $powershellCommand = 'Import-Module .\Invoke-DOSfuscation.psd1; Invoke-DOSfuscation' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand diff --git a/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec b/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec index 471d6d908..2d9532421 100644 --- a/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec +++ b/packages/invokeobfuscation.vm/invokeobfuscation.vm.nuspec @@ -2,11 +2,11 @@ invokeobfuscation.vm - 1.8.2.20240411 + 1.8.2.20240412 cobbr, 4d4c, mvle, danielbohannon Invoke-Obfuscation is a PowerShell v2.0+ compatible PowerShell command and script obfuscator. - + diff --git a/packages/invokeobfuscation.vm/tools/chocolateyinstall.ps1 b/packages/invokeobfuscation.vm/tools/chocolateyinstall.ps1 index f4eea399a..947862ce6 100644 --- a/packages/invokeobfuscation.vm/tools/chocolateyinstall.ps1 +++ b/packages/invokeobfuscation.vm/tools/chocolateyinstall.ps1 @@ -9,4 +9,4 @@ $zipSha256 = '24149efe341b4bfc216dea22ece4918abcbe0655d3d1f3c07d1965fac5b4478e' $powershellCommand = 'Import-Module ./Invoke-Obfuscation.psd1; Invoke-Obfuscation' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand diff --git a/packages/keethief.vm/keethief.vm.nuspec b/packages/keethief.vm/keethief.vm.nuspec index d4f7a7d3f..b542f57d5 100644 --- a/packages/keethief.vm/keethief.vm.nuspec +++ b/packages/keethief.vm/keethief.vm.nuspec 
@@ -2,11 +2,11 @@ keethief.vm - 0.0.0.20240411 + 0.0.0.20240412 tifkin_, harmj0y Allows for the extraction of KeePass 2.X key material from memory, as well as the backdooring and enumeration of the KeePass trigger system. - + diff --git a/packages/keethief.vm/tools/chocolateyinstall.ps1 b/packages/keethief.vm/tools/chocolateyinstall.ps1 index 453b036d9..b89536363 100644 --- a/packages/keethief.vm/tools/chocolateyinstall.ps1 +++ b/packages/keethief.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/KeeThief/archive/04f3fbc0ba87dbcd9011ad4 $zipSha256 = '2fe020645855564ce1d0236c3e83e8d66a09c91c00d95a40b88cbe9ffd5ca204' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/malware-jail.vm/malware-jail.vm.nuspec b/packages/malware-jail.vm/malware-jail.vm.nuspec index 99da1f000..63635f54f 100644 --- a/packages/malware-jail.vm/malware-jail.vm.nuspec +++ b/packages/malware-jail.vm/malware-jail.vm.nuspec @@ -2,11 +2,11 @@ malware-jail.vm - 0.0.0.20240411 + 0.0.0.20240412 Hynek Petrak Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. - + diff --git a/packages/malware-jail.vm/tools/chocolateyinstall.ps1 b/packages/malware-jail.vm/tools/chocolateyinstall.ps1 index 74152d2cd..f7f2ac8df 100644 --- a/packages/malware-jail.vm/tools/chocolateyinstall.ps1 +++ b/packages/malware-jail.vm/tools/chocolateyinstall.ps1 
@@ -10,7 +10,7 @@ try { # Install dependencies with npm when running shortcut as we ignore errors below $powershellCommand = "npm install; node jailme.js -h -b list" - $toolDir = VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand + $toolDir = (VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand)[0] } catch { VM-Write-Log-Exception $_ diff --git a/packages/microburst.vm/microburst.vm.nuspec b/packages/microburst.vm/microburst.vm.nuspec index f6e8cd17e..6d0be2c9b 100644 --- a/packages/microburst.vm/microburst.vm.nuspec +++ b/packages/microburst.vm/microburst.vm.nuspec @@ -2,11 +2,11 @@ microburst.vm - 0.0.0.20240411 + 0.0.0.20240412 NetSPI MicroBurst includes functions and scripts that support Azure Services discovery, weak configuration auditing, and post exploitation actions such as credential dumping. - + diff --git a/packages/microburst.vm/tools/chocolateyinstall.ps1 b/packages/microburst.vm/tools/chocolateyinstall.ps1 index 86fbd9c1d..f749fa140 100644 --- a/packages/microburst.vm/tools/chocolateyinstall.ps1 +++ b/packages/microburst.vm/tools/chocolateyinstall.ps1 @@ -9,4 +9,4 @@ $zipSha256 = '72700519c40fac2b01e5362e4d3d1e171e73910f8e9e9859753f26c64f0529d0' $powershellCommand = 'Import-Module Az, .\Az\MicroBurst-Az.psm1, .\Misc\MicroBurst-Misc.psm1, .\REST\MicroBurst-AzureREST.psm1; Get-Command -Module MicroBurst-Az' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand \ No newline at end of file +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand \ No newline at end of file diff --git a/packages/nanodump.vm/nanodump.vm.nuspec b/packages/nanodump.vm/nanodump.vm.nuspec index 17d113683..4b74b9c3b 100644 --- a/packages/nanodump.vm/nanodump.vm.nuspec +++ b/packages/nanodump.vm/nanodump.vm.nuspec 
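Review bot: `$toolDir = (VM-Install-From-Zip ...)[0]` in the malware-jail hunk hard-codes the position of the tool directory in the helper's return value and never checks that the call returned anything usable. If the helper returns nothing, the indexing itself raises and the logged exception is the indexing error rather than the install failure. If it ever returns a single string, `[0]` yields its first character and `$toolDir` is silently wrong. Capture and validate first, e.g. `$result = VM-Install-From-Zip ...`, `if (-not $result) { throw "VM-Install-From-Zip returned nothing" }`, `$toolDir = $result[0]`, or at least add a comment such as `# VM-Install-From-Zip returns an array; element 0 is the tool directory`. The pkg-unpacker hunk has the same pattern; the `try` starts before this hunk and its `catch` body continues past it.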
@@ -2,11 +2,11 @@ nanodump.vm - 0.0.0.20240411 + 0.0.0.20240412 fortra A Beacon Object File that creates a minidump of the LSASS process. - + diff --git a/packages/nanodump.vm/tools/chocolateyinstall.ps1 b/packages/nanodump.vm/tools/chocolateyinstall.ps1 index cb37c5646..c83700dff 100644 --- a/packages/nanodump.vm/tools/chocolateyinstall.ps1 +++ b/packages/nanodump.vm/tools/chocolateyinstall.ps1 @@ -7,4 +7,4 @@ $category = 'Credential Access' $zipUrl = 'https://github.com/fortra/nanodump/archive/c211c5f72b2438afb09d0eb917fe32150be91344.zip' $zipSha256 = '461a16ae517aebb65adc37a0da8f8c04fa4836da35a69239dc2f90f8098b5da0' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec b/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec index 7de51dedd..24b718a95 100644 --- a/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec +++ b/packages/outflank-c2-tool-collection.vm/outflank-c2-tool-collection.vm.nuspec @@ -2,11 +2,11 @@ outflank-c2-tool-collection.vm - 0.0.0.20240411 + 0.0.0.20240412 outflank Contains a collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques. - + diff --git a/packages/outflank-c2-tool-collection.vm/tools/chocolateyinstall.ps1 b/packages/outflank-c2-tool-collection.vm/tools/chocolateyinstall.ps1 index 8a0c04c2d..f2a4d0c21 100644 --- a/packages/outflank-c2-tool-collection.vm/tools/chocolateyinstall.ps1 +++ b/packages/outflank-c2-tool-collection.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/outflanknl/C2-Tool-Collection/archive/f02df22a206e $zipSha256 = '825e3372f6caf540ecbc20f31af6f4b9e711bd6ce64fb09d7d151cf4224de3d8' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec b/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec index 8483ce894..e1f96a3f8 100644 --- a/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec +++ b/packages/payloadsallthethings.vm/payloadsallthethings.vm.nuspec @@ -2,11 +2,11 @@ payloadsallthethings.vm - 0.0.0.20240411 + 0.0.0.20240412 swisskyrepo A list of useful payloads and bypasses for Web Application Security. - + diff --git a/packages/payloadsallthethings.vm/tools/chocolateyinstall.ps1 b/packages/payloadsallthethings.vm/tools/chocolateyinstall.ps1 index 6832b0c04..121085edb 100644 --- a/packages/payloadsallthethings.vm/tools/chocolateyinstall.ps1 +++ b/packages/payloadsallthethings.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/swisskyrepo/PayloadsAllTheThings/archive/cd19bb940 $zipSha256 = 'c2adbecb78e01e5d8987ab42b40a30b4a104ee6c2886d8143395645408f9f361' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/petitpotam.vm/petitpotam.vm.nuspec b/packages/petitpotam.vm/petitpotam.vm.nuspec index 6f7b592fa..619e4814d 100644 --- a/packages/petitpotam.vm/petitpotam.vm.nuspec +++ b/packages/petitpotam.vm/petitpotam.vm.nuspec 
@@ -2,11 +2,11 @@ petitpotam.vm - 0.0.0.20240411 + 0.0.0.20240412 topotam PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions - + diff --git a/packages/petitpotam.vm/tools/chocolateyinstall.ps1 b/packages/petitpotam.vm/tools/chocolateyinstall.ps1 index 4b193a904..7fe1d8ba7 100644 --- a/packages/petitpotam.vm/tools/chocolateyinstall.ps1 +++ b/packages/petitpotam.vm/tools/chocolateyinstall.ps1 @@ -7,4 +7,4 @@ $category = 'Exploitation' $zipUrl = 'https://github.com/topotam/PetitPotam/archive/d83ac8f2dd34654628c17490f99106eb128e7d1e.zip' $zipSha256 = '5429479879877c2a6263d79c1a83fbcbd0f9f37bf9870c155358d9dc25662862' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true diff --git a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec index e860bddde..86fdc5810 100644 --- a/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec +++ b/packages/pkg-unpacker.vm/pkg-unpacker.vm.nuspec @@ -2,11 +2,11 @@ pkg-unpacker.vm - 1.0.0.20240411 + 1.0.0.20240412 LockBlock-dev Unpacker for pkg applications. - + diff --git a/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 b/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 index e70c089a7..6c17f25d7 100644 --- a/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 +++ b/packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 @@ -8,7 +8,7 @@ try { $zipSha256 = '6eed1d492d37ca3934a3bc838c2256719a3e78ccf72ce1b1ca07684519ace16c' $powershellCommand = "npm install; node unpack.js" - $toolDir = VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand + $toolDir = (VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand)[0] } catch { VM-Write-Log-Exception $_ } 
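Review bot: The `[0]` index on the new `$toolDir = (VM-Install-From-Zip ...)[0]` line in packages/pkg-unpacker.vm/tools/chocolateyinstall.ps1 relies on the helper returning a collection whose first element is the install directory, and nothing in this hunk shows that contract. If the helper returns a single string on some path, PowerShell indexes into the string and `$toolDir` silently becomes its first character instead of raising an error. Wrapping the call in the array subexpression operator, `$toolDir = @(VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand)[0]`, yields a path in both cases. A short comment such as `# VM-Install-From-Zip emits several values; the first is the tool directory` would record the assumption, which should be confirmed against the helper in vm.common. The enclosing `try` block opens before the hunk and the later use of `$toolDir` is not visible here.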
diff --git a/packages/powermad.vm/powermad.vm.nuspec b/packages/powermad.vm/powermad.vm.nuspec index c731d976a..b3709f79c 100644 --- a/packages/powermad.vm/powermad.vm.nuspec +++ b/packages/powermad.vm/powermad.vm.nuspec @@ -2,11 +2,11 @@ powermad.vm - 0.0.0.20240411 + 0.0.0.20240412 Kevin-Robertson Powermad includes a set of functions for exploiting ms-DS-MachineAccountQuota without attaching an actual system to AD - + diff --git a/packages/powermad.vm/tools/chocolateyinstall.ps1 b/packages/powermad.vm/tools/chocolateyinstall.ps1 index 56d45ced4..d9c8a3fa9 100644 --- a/packages/powermad.vm/tools/chocolateyinstall.ps1 +++ b/packages/powermad.vm/tools/chocolateyinstall.ps1 @@ -9,4 +9,4 @@ $zipSha256 = 'e01cfdb69f938ecd8c707e81dce2832935bb26e368405f2180b6858bce5b4d73' $powershellCommand = 'Import-Module .\Powermad.psd1; Get-Command -Module Powermad' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand diff --git a/packages/powersploit.vm/powersploit.vm.nuspec b/packages/powersploit.vm/powersploit.vm.nuspec index 11c0e0eab..edc992618 100644 --- a/packages/powersploit.vm/powersploit.vm.nuspec +++ b/packages/powersploit.vm/powersploit.vm.nuspec @@ -2,11 +2,11 @@ powersploit.vm - 0.0.0.20240411 + 0.0.0.20240412 HarmJ0y, 0xe7 PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. - + diff --git a/packages/powersploit.vm/tools/chocolateyinstall.ps1 b/packages/powersploit.vm/tools/chocolateyinstall.ps1 index 74c8bea3a..4db4c290d 100644 --- a/packages/powersploit.vm/tools/chocolateyinstall.ps1 +++ b/packages/powersploit.vm/tools/chocolateyinstall.ps1 
@@ -9,7 +9,7 @@ $category = 'Exploitation' $zipUrl = 'https://github.com/ZeroDayLab/PowerSploit/archive/72a88240ed0c6527f3880a1fb15ea7a19589c2d8.zip' $zipSha256 = '4a86b4b92e97fe6f1d76d8d93d9e481c007809db803cc82f4f0ec86ff7186bcf' $powershellCommand = 'Import-Module .\PowerSploit.psd1; Get-Command -Module PowerSploit' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand # vars for powerview $toolName2 = 'PowerView' diff --git a/packages/powerupsql.vm/powerupsql.vm.nuspec b/packages/powerupsql.vm/powerupsql.vm.nuspec index 8a66f2879..227ad1946 100644 --- a/packages/powerupsql.vm/powerupsql.vm.nuspec +++ b/packages/powerupsql.vm/powerupsql.vm.nuspec @@ -2,11 +2,11 @@ powerupsql.vm - 0.0.0.20240411 + 0.0.0.20240412 NetSPI PowerUpSQL includes functions that support SQL Server discovery, weak configuration auditing, privilege escalation on scale, and post exploitation actions such as OS command execution. - + diff --git a/packages/powerupsql.vm/tools/chocolateyinstall.ps1 b/packages/powerupsql.vm/tools/chocolateyinstall.ps1 index 643881a3d..027a2ac8f 100644 --- a/packages/powerupsql.vm/tools/chocolateyinstall.ps1 +++ b/packages/powerupsql.vm/tools/chocolateyinstall.ps1 @@ -9,4 +9,4 @@ $zipSha256 = 'fffed1c3f480b40616070e7ebb5bf7e8093e0bb483ce1ef2400f586018439c85' $powershellCommand = 'Import-Module .\PowerUpSQL.psd1; Get-Command -Module PowerUpSQL' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand diff --git a/packages/powerzure.vm/powerzure.vm.nuspec b/packages/powerzure.vm/powerzure.vm.nuspec index bfe36f620..e7ea121b5 100644 --- a/packages/powerzure.vm/powerzure.vm.nuspec 
+++ b/packages/powerzure.vm/powerzure.vm.nuspec @@ -2,11 +2,11 @@ powerzure.vm - 0.0.0.20240411 + 0.0.0.20240412 hausec PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. - + diff --git a/packages/powerzure.vm/tools/chocolateyinstall.ps1 b/packages/powerzure.vm/tools/chocolateyinstall.ps1 index 1726e7f87..292931c1f 100644 --- a/packages/powerzure.vm/tools/chocolateyinstall.ps1 +++ b/packages/powerzure.vm/tools/chocolateyinstall.ps1 @@ -9,4 +9,4 @@ $zipSha256 = '76e82df57013980cd6f3dd5b125e405e4ab3308368f2372121581a6a1e4a5a22' $powershellCommand = 'Import-Module Az, .\PowerZure.psm1; Invoke-PowerZure -h' -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand \ No newline at end of file +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -innerFolder $true -powershellCommand $powershellCommand \ No newline at end of file diff --git a/packages/routesixtysink.vm/routesixtysink.vm.nuspec b/packages/routesixtysink.vm/routesixtysink.vm.nuspec index 63c7d6995..2754560ad 100644 --- a/packages/routesixtysink.vm/routesixtysink.vm.nuspec +++ b/packages/routesixtysink.vm/routesixtysink.vm.nuspec @@ -2,11 +2,11 @@ routesixtysink.vm - 0.0.0.20240411 + 0.0.0.20240412 Dillon Franke, Michael Maturi Route Sixty-Sink is an open source tool that enables defenders and security researchers alike to quickly identify vulnerabilities in any .NET assembly using automated source-to-sink analysis. - + diff --git a/packages/routesixtysink.vm/tools/chocolateyinstall.ps1 b/packages/routesixtysink.vm/tools/chocolateyinstall.ps1 index 9ff11872c..9e2f1c87c 100644 --- a/packages/routesixtysink.vm/tools/chocolateyinstall.ps1 +++ b/packages/routesixtysink.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/mandiant/route-sixty-sink/archive/59195003c84d75fa $zipSha256 = '860df7a6f8b8b135e27e731d1cc11a61837a390fc7da46652f82920040802f15' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/rubeus.vm/rubeus.vm.nuspec b/packages/rubeus.vm/rubeus.vm.nuspec index 0e347a447..edaa940c4 100644 --- a/packages/rubeus.vm/rubeus.vm.nuspec +++ b/packages/rubeus.vm/rubeus.vm.nuspec @@ -2,11 +2,11 @@ rubeus.vm - 2.3.1.20240411 + 2.3.1.20240412 harmj0y Rubeus is a C# toolset for raw Kerberos interaction and abuses. - + diff --git a/packages/rubeus.vm/tools/chocolateyinstall.ps1 b/packages/rubeus.vm/tools/chocolateyinstall.ps1 index 7485a8c5a..623a104ef 100644 --- a/packages/rubeus.vm/tools/chocolateyinstall.ps1 +++ b/packages/rubeus.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://codeload.github.com/GhostPack/Rubeus/zip/baf34c7dcffb37cb96c9 $zipSha256 = 'a857b776e8f86a8f94da74beb6449fede16286aba129373a9899641aab078390' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/safetykatz.vm/safetykatz.vm.nuspec b/packages/safetykatz.vm/safetykatz.vm.nuspec index 082f77b11..a42468df9 100644 --- a/packages/safetykatz.vm/safetykatz.vm.nuspec +++ b/packages/safetykatz.vm/safetykatz.vm.nuspec @@ -2,11 +2,11 @@ safetykatz.vm - 0.0.0.20240411 + 0.0.0.20240412 HarmJ0y SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader. - + 
diff --git a/packages/safetykatz.vm/tools/chocolateyinstall.ps1 b/packages/safetykatz.vm/tools/chocolateyinstall.ps1 index e01283d68..6d89661de 100644 --- a/packages/safetykatz.vm/tools/chocolateyinstall.ps1 +++ b/packages/safetykatz.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/SafetyKatz/archive/715b311f76eb3a4c8d00a $zipSha256 = '97ed587a816ef87a310d43dba7b0370ab4cbc1756dbed102e38662abce84a81d' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true \ No newline at end of file +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true \ No newline at end of file diff --git a/packages/seatbelt.vm/seatbelt.vm.nuspec b/packages/seatbelt.vm/seatbelt.vm.nuspec index 359c7ce71..ee1efab1a 100644 --- a/packages/seatbelt.vm/seatbelt.vm.nuspec +++ b/packages/seatbelt.vm/seatbelt.vm.nuspec @@ -2,11 +2,11 @@ seatbelt.vm - 1.2.0.20240411 + 1.2.0.20240412 harmj0y, tifkin_ Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives. - + diff --git a/packages/seatbelt.vm/tools/chocolateyinstall.ps1 b/packages/seatbelt.vm/tools/chocolateyinstall.ps1 index 5ec53d8b7..6b6b87581 100644 --- a/packages/seatbelt.vm/tools/chocolateyinstall.ps1 +++ b/packages/seatbelt.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/Seatbelt/archive/96bd958cf45e3d877d842ce $zipSha256 = '05f6da0d0b77adfae105f2030862882fc8790cf47d98ec053762b9ac99250184' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true 
diff --git a/packages/seclists.vm/seclists.vm.nuspec b/packages/seclists.vm/seclists.vm.nuspec index 275550b57..6bd1274ef 100644 --- a/packages/seclists.vm/seclists.vm.nuspec +++ b/packages/seclists.vm/seclists.vm.nuspec @@ -2,11 +2,11 @@ seclists.vm - 2024.1.0.20240411 + 2024.1.0.20240412 danielmiessler SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. - + diff --git a/packages/seclists.vm/tools/chocolateyinstall.ps1 b/packages/seclists.vm/tools/chocolateyinstall.ps1 index e0d081e4d..163bd8f86 100644 --- a/packages/seclists.vm/tools/chocolateyinstall.ps1 +++ b/packages/seclists.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/danielmiessler/SecLists/archive/refs/tags/2024.1.z $zipSha256 = '189c9491898c070e3c6e7d51ecc370d96c9b13c9f289dc629ce078b0709780aa' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec b/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec index a4fc3b708..74a6eeda3 100644 --- a/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec +++ b/packages/sharpdpapi.vm/sharpdpapi.vm.nuspec @@ -2,11 +2,11 @@ sharpdpapi.vm - 1.11.3.20240411 + 1.11.3.20240412 harmj0y SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project. - + diff --git a/packages/sharpdpapi.vm/tools/chocolateyinstall.ps1 b/packages/sharpdpapi.vm/tools/chocolateyinstall.ps1 index c8a7f4fc9..ff98a5ca1 100644 --- a/packages/sharpdpapi.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpdpapi.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/SharpDPAPI/archive/02992ff2c5c48f38602b0 $zipSha256 = 'dd0bd7ceedf87a6952c1e6d8c1865f434f316b187c3f783fe176ad323e7b0f81' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/sharpdump.vm/sharpdump.vm.nuspec b/packages/sharpdump.vm/sharpdump.vm.nuspec index 4703a8ca0..5f1e5547b 100644 --- a/packages/sharpdump.vm/sharpdump.vm.nuspec +++ b/packages/sharpdump.vm/sharpdump.vm.nuspec @@ -2,11 +2,11 @@ sharpdump.vm - 0.0.0.20240411 + 0.0.0.20240412 HarmJ0y SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality. - + diff --git a/packages/sharpdump.vm/tools/chocolateyinstall.ps1 b/packages/sharpdump.vm/tools/chocolateyinstall.ps1 index 806a1697a..7c5a5b6f8 100644 --- a/packages/sharpdump.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpdump.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/SharpDump/archive/41cfcf9b1abed2da79a93c $zipSha256 = 'c7ddbf34fc9546638d05344727c7a07bbdf492f4f2313456ee5097a5dbea942a' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/sharpexec.vm/sharpexec.vm.nuspec b/packages/sharpexec.vm/sharpexec.vm.nuspec index f295ae58c..d65a50f22 100644 --- a/packages/sharpexec.vm/sharpexec.vm.nuspec +++ b/packages/sharpexec.vm/sharpexec.vm.nuspec @@ -2,11 +2,11 @@ sharpexec.vm - 0.0.0.20240411 + 0.0.0.20240412 anthemtotheego SharpExec is an offensive security C# tool designed to aid with lateral movement. - + 
diff --git a/packages/sharpexec.vm/tools/chocolateyinstall.ps1 b/packages/sharpexec.vm/tools/chocolateyinstall.ps1 index 2fcf9b5ad..edd2f882e 100644 --- a/packages/sharpexec.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpexec.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/anthemtotheego/SharpExec/archive/852384499de1ab7b5 $zipSha256 = 'd032aa7772d8c0d47f30a77381c372cf5d181fea2836c9c85d65eb052785d2df' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec b/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec index 3b7f9ab44..354185bc7 100644 --- a/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec +++ b/packages/sharpsecdump.vm/sharpsecdump.vm.nuspec @@ -2,11 +2,11 @@ sharpsecdump.vm - 0.0.0.20240411 + 0.0.0.20240412 G0ldenGunSec .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py - + diff --git a/packages/sharpsecdump.vm/tools/chocolateyinstall.ps1 b/packages/sharpsecdump.vm/tools/chocolateyinstall.ps1 index 9c1f4ae18..af566b255 100644 --- a/packages/sharpsecdump.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpsecdump.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/G0ldenGunSec/SharpSecDump/archive/ef2463688e405fad $zipSha256 = '10108c1817d21f747e10317ccca14b58d3e060c7c3fe268eccf81ef58e448ae4' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true 
diff --git a/packages/sharpup.vm/sharpup.vm.nuspec b/packages/sharpup.vm/sharpup.vm.nuspec index b7235f01b..8dc3dc2e7 100644 --- a/packages/sharpup.vm/sharpup.vm.nuspec +++ b/packages/sharpup.vm/sharpup.vm.nuspec @@ -2,11 +2,11 @@ sharpup.vm - 0.0.0.20240411 + 0.0.0.20240412 harmj0y SharpUp is a C# port of various PowerUp functionality for auditing potential privilege escalation paths. - + diff --git a/packages/sharpup.vm/tools/chocolateyinstall.ps1 b/packages/sharpup.vm/tools/chocolateyinstall.ps1 index bdee47ad2..a7b1a9fff 100644 --- a/packages/sharpup.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpup.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/SharpUp/archive/7e172961002125417a0f8a84 $zipSha256 = '6bf0c25dcd322f3f058d474f827ab3b772cbd7e8ad1a0010a0b8fda3d2a0a761' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/sharpview.vm/sharpview.vm.nuspec b/packages/sharpview.vm/sharpview.vm.nuspec index 2e5097c05..4560df2b4 100644 --- a/packages/sharpview.vm/sharpview.vm.nuspec +++ b/packages/sharpview.vm/sharpview.vm.nuspec @@ -2,11 +2,11 @@ sharpview.vm - 0.0.0.20240411 + 0.0.0.20240412 tevora .NET port of PowerView used for information gathering within Active Directory - + diff --git a/packages/sharpview.vm/tools/chocolateyinstall.ps1 b/packages/sharpview.vm/tools/chocolateyinstall.ps1 index 24c32e708..edaa95f7d 100644 --- a/packages/sharpview.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpview.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/tevora-threat/SharpView/archive/b60456286b41bb055e $zipSha256 = 'b5b2dd91fe22f56fb846d849052fc3205f177cbd067069e6d829e38eea0aca49' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/sharpwmi.vm/sharpwmi.vm.nuspec b/packages/sharpwmi.vm/sharpwmi.vm.nuspec index bf2b18102..96e24046a 100644 --- a/packages/sharpwmi.vm/sharpwmi.vm.nuspec +++ b/packages/sharpwmi.vm/sharpwmi.vm.nuspec @@ -2,11 +2,11 @@ sharpwmi.vm - 0.0.0.20240411 + 0.0.0.20240412 HarmJ0y SharpWMI is a C# implementation of various WMI functionality. - + diff --git a/packages/sharpwmi.vm/tools/chocolateyinstall.ps1 b/packages/sharpwmi.vm/tools/chocolateyinstall.ps1 index f3665c534..208858393 100644 --- a/packages/sharpwmi.vm/tools/chocolateyinstall.ps1 +++ b/packages/sharpwmi.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/GhostPack/SharpWMI/archive/0600f57aeb4733ba6fec585 $zipSha256 = '0dbdd04a8a62e16de40373ae416b732cd48fb642ac7b3ff243bb9580249058f5' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec b/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec index 4f157c712..fbe282c85 100644 --- a/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec +++ b/packages/situational-awareness-bof.vm/situational-awareness-bof.vm.nuspec 
@@ -2,11 +2,11 @@ situational-awareness-bof.vm - 0.0.0.20240411 + 0.0.0.20240412 trustedsec Provides a set of basic situational awareness commands implemented in a Beacon Object File (BOF). This allows you to perform some checks on a host before you begin executing commands that may be more invasive. - + diff --git a/packages/situational-awareness-bof.vm/tools/chocolateyinstall.ps1 b/packages/situational-awareness-bof.vm/tools/chocolateyinstall.ps1 index e7d36880a..995d6e965 100644 --- a/packages/situational-awareness-bof.vm/tools/chocolateyinstall.ps1 +++ b/packages/situational-awareness-bof.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://codeload.github.com/trustedsec/CS-Situational-Awareness-BOF/z $zipSha256 = 'b461e5a0dde271ee29c2105f8b064e6c3d38f4996c09478c16bb1f071cee00c1' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/spoolsample.vm/spoolsample.vm.nuspec b/packages/spoolsample.vm/spoolsample.vm.nuspec index a8c5000aa..d3ee4e633 100644 --- a/packages/spoolsample.vm/spoolsample.vm.nuspec +++ b/packages/spoolsample.vm/spoolsample.vm.nuspec @@ -2,11 +2,11 @@ spoolsample.vm - 0.0.0.20240411 + 0.0.0.20240412 tifkin_, harmj0y, enigma0x3 PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. - + diff --git a/packages/spoolsample.vm/tools/chocolateyinstall.ps1 b/packages/spoolsample.vm/tools/chocolateyinstall.ps1 index c05631fae..5b40fe510 100644 --- a/packages/spoolsample.vm/tools/chocolateyinstall.ps1 +++ b/packages/spoolsample.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/leechristensen/SpoolSample/archive/688971e69cbe924 $zipSha256 = '1e5f54b9317ac053fe51e373b3e3b830573e2d14612bf4a038750a6c6284fb3d' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec b/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec index 69ec6c80b..403f129d7 100644 --- a/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec +++ b/packages/statistically-likely-usernames.vm/statistically-likely-usernames.vm.nuspec @@ -2,11 +2,11 @@ statistically-likely-usernames.vm - 0.0.0.20240411 + 0.0.0.20240412 insidetrust This resource contains wordlists for creating statistically likely usernames for use in username-enumeration, simulated password-attacks and other security testing tasks. - + diff --git a/packages/statistically-likely-usernames.vm/tools/chocolateyinstall.ps1 b/packages/statistically-likely-usernames.vm/tools/chocolateyinstall.ps1 index ad1180cf0..e9fe03c9c 100644 --- a/packages/statistically-likely-usernames.vm/tools/chocolateyinstall.ps1 +++ b/packages/statistically-likely-usernames.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/insidetrust/statistically-likely-usernames/archive $zipSha256 = 'f52a84310e098d662ae212eccc979cefc1d061aa06aca765a8e0f98a4ece3c0c' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true 
diff --git a/packages/stracciatella.vm/stracciatella.vm.nuspec b/packages/stracciatella.vm/stracciatella.vm.nuspec index c544b66d5..7e274512f 100644 --- a/packages/stracciatella.vm/stracciatella.vm.nuspec +++ b/packages/stracciatella.vm/stracciatella.vm.nuspec @@ -2,11 +2,11 @@ stracciatella.vm - 0.7.0.20240411 + 0.7.0.20240412 mgeeky Powershell runspace from within C# (aka SharpPick technique) with AMSI, ETW and Script Block Logging disabled. - + diff --git a/packages/stracciatella.vm/tools/chocolateyinstall.ps1 b/packages/stracciatella.vm/tools/chocolateyinstall.ps1 index 77c3bc731..1820223d6 100644 --- a/packages/stracciatella.vm/tools/chocolateyinstall.ps1 +++ b/packages/stracciatella.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/mgeeky/Stracciatella/archive/acc83e21951049ab4998e $zipSha256 = 'd9299fca780945becf9907b052112e7149fb2a2d51e28f0e73e8326455f47a82' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/syswhispers2.vm/syswhispers2.vm.nuspec b/packages/syswhispers2.vm/syswhispers2.vm.nuspec index bc198ffdf..e37662c41 100644 --- a/packages/syswhispers2.vm/syswhispers2.vm.nuspec +++ b/packages/syswhispers2.vm/syswhispers2.vm.nuspec @@ -2,11 +2,11 @@ syswhispers2.vm - 0.0.0.20240411 + 0.0.0.20240412 jthuraisamy SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. - + diff --git a/packages/syswhispers2.vm/tools/chocolateyinstall.ps1 b/packages/syswhispers2.vm/tools/chocolateyinstall.ps1 index 59735176d..7fcd27d1a 100644 --- a/packages/syswhispers2.vm/tools/chocolateyinstall.ps1 +++ b/packages/syswhispers2.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/jthuraisamy/SysWhispers2/archive/05ad0d9ec769fac27 $zipSha256 = '4741ad22fe05a9dc8e89885b37a458c12b286a9de2e3f306b57c7a5ef5f7596e' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/syswhispers3.vm/syswhispers3.vm.nuspec b/packages/syswhispers3.vm/syswhispers3.vm.nuspec index d1dc39056..bf81c56b6 100644 --- a/packages/syswhispers3.vm/syswhispers3.vm.nuspec +++ b/packages/syswhispers3.vm/syswhispers3.vm.nuspec @@ -2,11 +2,11 @@ syswhispers3.vm - 0.0.0.20240411 + 0.0.0.20240412 klezVirus SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. - + diff --git a/packages/syswhispers3.vm/tools/chocolateyinstall.ps1 b/packages/syswhispers3.vm/tools/chocolateyinstall.ps1 index a7172fbbe..b935715a9 100644 --- a/packages/syswhispers3.vm/tools/chocolateyinstall.ps1 +++ b/packages/syswhispers3.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/klezVirus/SysWhispers3/archive/e3d5fc744c2e5c0ae95 $zipSha256 = '987d04d404ee86536e04c488037fa9c9caa12d35fefdf9c0bc193d1bfed4c96a' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/trustedsec-remote-ops-bof.vm/tools/chocolateyinstall.ps1 b/packages/trustedsec-remote-ops-bof.vm/tools/chocolateyinstall.ps1 index 6e528ec0c..133eb2deb 100644 --- a/packages/trustedsec-remote-ops-bof.vm/tools/chocolateyinstall.ps1 +++ b/packages/trustedsec-remote-ops-bof.vm/tools/chocolateyinstall.ps1 
@@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/trustedsec/CS-Remote-OPs-BOF/archive/a7ef2b8551568 $zipSha256 = '61bf693272484d9f9ea25871ea57489cb24248c014782cacad1c1bb80e90962b' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec b/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec index 73e699e2f..25da47489 100644 --- a/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec +++ b/packages/trustedsec-remote-ops-bof.vm/trustedsec-remote-ops-bof.vm.nuspec @@ -2,11 +2,11 @@ truestedsec-remote-ops-bof.vm - 0.0.0.20240411 + 0.0.0.20240412 trustedsec Addition to Situational Awareness BOFs intended for single task Windows primitives such as creating a task, stopping a service, etc. - + diff --git a/packages/unhook-bof.vm/tools/chocolateyinstall.ps1 b/packages/unhook-bof.vm/tools/chocolateyinstall.ps1 index da3ca06c8..1308bb8e6 100644 --- a/packages/unhook-bof.vm/tools/chocolateyinstall.ps1 +++ b/packages/unhook-bof.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/rsmudge/unhook-bof/archive/fa3c8d8a397719c5f231033 $zipSha256 = '086f7ded18af7b397be78f63a7b4879bb1a6722f4b192d0139a02863332089ef' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/unhook-bof.vm/unhook-bof.vm.nuspec b/packages/unhook-bof.vm/unhook-bof.vm.nuspec index 80d09d1e4..236222cc9 100644 --- a/packages/unhook-bof.vm/unhook-bof.vm.nuspec 
+++ b/packages/unhook-bof.vm/unhook-bof.vm.nuspec @@ -2,11 +2,11 @@ unhook-bof.vm - 0.0.0.20240411 + 0.0.0.20240412 rsmudge, physics-sec This is a Beacon Object File to refresh DLLs and remove their hooks. The code is from Cylance's Universal Unhooking research. - + diff --git a/packages/whisker.vm/tools/chocolateyinstall.ps1 b/packages/whisker.vm/tools/chocolateyinstall.ps1 index 96858dac7..3cade6e1b 100644 --- a/packages/whisker.vm/tools/chocolateyinstall.ps1 +++ b/packages/whisker.vm/tools/chocolateyinstall.ps1 @@ -8,4 +8,4 @@ $zipUrl = 'https://github.com/eladshamir/Whisker/archive/0bc2a0acc4a92b49c69d873 $zipSha256 = 'b181b639f2d18fb37e045d27cbe522e7b97aaa85c30dc0cb9bc75eaf6b939f9a' # This tool does not have a `.exe` associated with it, so this links it to the directory -VM-Install-Raw-GitHub-Repo $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true +VM-Install-From-Zip $toolName $category $zipUrl $zipSha256 -withoutBinFile -innerFolder $true diff --git a/packages/whisker.vm/whisker.vm.nuspec b/packages/whisker.vm/whisker.vm.nuspec index 088579070..d42926fdb 100644 --- a/packages/whisker.vm/whisker.vm.nuspec +++ b/packages/whisker.vm/whisker.vm.nuspec @@ -2,11 +2,11 @@ whisker.vm - 0.0.0.20240411 + 0.0.0.20240412 Elad Shamir Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account. - +