How can I be sure a RAT doesn't have a backdoor inside?
(November 16, 2022, 03:58 AM)x1z1 Wrote:
(November 15, 2022, 09:52 PM)section777 Wrote:
(November 15, 2022, 09:11 PM)x1z1 Wrote: either create your own RAT or you'll have to fully check the code, or maybe fully analyse it on a test machine


Is it possible to check the full code in a few hours? I ask about a standard RAT, small size.


Well, if it's a short one, then a static check should be your base start.

Thanks
(November 16, 2022, 05:02 PM)section777 Wrote:
(November 16, 2022, 03:58 AM)x1z1 Wrote:
(November 15, 2022, 09:52 PM)section777 Wrote:
(November 15, 2022, 09:11 PM)x1z1 Wrote: either create your own RAT or you'll have to fully check the code, or maybe fully analyse it on a test machine


Is it possible to check the full code in a few hours? I ask about a standard RAT, small size.


Well, if it's a short one, then a static check should be your base start.

Thanks

You're welcome buddy

If posted, the FUD will be dead before it is born.

Is there any trusted member here, or any coder somewhere else, who reads/checks the source as a service? As in pay for checking? It can be a good idea, but the "checker" can also put something inside... that's the problem. 😕
Regards



Use a local installation of cuckoo sandbox on both the installer and payload made. Make sure no connections are made from the builder and the payload only connects to your c2.
(November 16, 2022, 06:01 PM)tty Wrote:

If posted, the FUD will be dead before it is born.

Is there any trusted member here, or any coder somewhere else, who reads/checks the source as a service? As in pay for checking? It can be a good idea, but the "checker" can also put something inside... that's the problem. 😕
Regards



Use a local installation of cuckoo sandbox on both the installer and payload made. Make sure no connections are made from the builder and the payload only connects to your c2.


Yes, nice way, but how to be sure there is no connection between both? With port scanning?
Regards
(November 19, 2022, 04:56 PM)section777 Wrote:
(November 16, 2022, 06:01 PM)tty Wrote:

If posted, the FUD will be dead before it is born.

Is there any trusted member here, or any coder somewhere else, who reads/checks the source as a service? As in pay for checking? It can be a good idea, but the "checker" can also put something inside... that's the problem. 😕
Regards



Use a local installation of cuckoo sandbox on both the installer and payload made. Make sure no connections are made from the builder and the payload only connects to your c2.


Yes, nice way, but how to be sure there is no connection between both? With port scanning?
Regards


Cuckoo sandbox will show you all network connections made
(November 19, 2022, 05:48 PM)tty Wrote:
(November 19, 2022, 04:56 PM)section777 Wrote:
(November 16, 2022, 06:01 PM)tty Wrote:

If posted, the FUD will be dead before it is born.

Is there any trusted member here, or any coder somewhere else, who reads/checks the source as a service? As in pay for checking? It can be a good idea, but the "checker" can also put something inside... that's the problem. 😕
Regards



Use a local installation of cuckoo sandbox on both the installer and payload made. Make sure no connections are made from the builder and the payload only connects to your c2.


Yes, nice way, but how to be sure there is no connection between both? With port scanning?
Regards


Cuckoo sandbox will show you all network connections made

Amazing answer. Thanks for your help, that's exactly the people like you who are needed on the forum. Hard to find now....
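One way to check a sandbox run of an untrusted binary for unexpected network connections, as an added example that is not part of the original thread: it diffs the network section of a Cuckoo JSON report against an allowlist of expected destinations. The field names (`network`, `dns`, `tcp`, `udp`, `request`, `src`, `dst`, `dport`) are assumed to follow the Cuckoo 2.x `report.json` layout; the function name, sample report and addresses are constructed.

```python
import ipaddress
import json
import sys

# Constructed sample: only the "network" part of a report, trimmed to the fields used.
SAMPLE_REPORT = {"network": {
    "dns": [{"request": "expected.example"}, {"request": "stats.unexpected.example"}],
    "tcp": [
        {"src": "192.168.56.101", "dst": "203.0.113.10", "sport": 49160, "dport": 443},
        {"src": "192.168.56.101", "dst": "198.51.100.7", "sport": 49161, "dport": 8080},
    ],
    "udp": [
        {"src": "192.168.56.101", "dst": "192.168.56.1", "sport": 53211, "dport": 53},
        {"src": "192.168.56.101", "dst": "239.255.255.250", "sport": 1900, "dport": 1900},
    ],
}}


def unexpected_traffic(report, guest_ip, allowed_ips, allowed_domains, resolver_ip):
    """Return sorted (proto, destination, port) tuples the guest sent outside the allowlist."""
    net = report.get("network", {})
    findings = set()
    for query in net.get("dns", []):
        name = query.get("request", "").rstrip(".").lower()
        if name and name not in allowed_domains:
            findings.add(("dns", name, 53))
    for proto in ("tcp", "udp"):
        for flow in net.get(proto, []):
            if flow.get("src") != guest_ip:
                continue  # reply direction, not initiated by the guest
            dst = ipaddress.ip_address(flow["dst"])
            if dst.is_multicast or str(dst) == "255.255.255.255":
                continue  # OS discovery noise (SSDP, LLMNR, broadcast)
            if proto == "udp" and str(dst) == resolver_ip and flow["dport"] == 53:
                continue  # lookups are already judged by name in the dns list
            if str(dst) not in allowed_ips:
                findings.add((proto, str(dst), flow["dport"]))
    return sorted(findings)


if __name__ == "__main__":
    # Pass a path to a report.json, or run without arguments to use the sample.
    report = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_REPORT
    for finding in unexpected_traffic(report, "192.168.56.101", {"203.0.113.10"},
                                      {"expected.example"}, "192.168.56.1"):
        print(finding)
```

An empty result only covers what happened during that run; behaviour gated on time, environment or user activity will not appear in a single analysis.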