Greetings,
I am here today to present Aspect
Aspect is a modular post exploitation framework designed to successfully operate on mature environments, and aims to be a alternative to the well known threat emulation tool known as cobalt strike.
It uses a range of methods to evade EDR and AV while allowing the operator to continue using tooling and tradecraft they are familiar with.
It is powered by c ++ c and c #, And uses a custom built engine for payload generation that we have named "aspect +".
By morphing the capabilities of aspect + with the capabilities of Aspect it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs and more fully inside memory without a single file being written to disk.
Steps are taken to avoid userland API hooking, anti DLL injection to make it harder for EDR to load code into the beacons and official Microsoft mitigation methods to protect spawn processes.
The main features of the Aspect command and control network:
The aspect C2 is built to run on docker allowing for ease of cross platform use
The C2 is a extremely modular platform allowing for users to create new modules that can interact with and task beacons
Custom beacons are able to be built and used with an easy to implement protocol
The C2 server is able to mirror any website in real time, relaying all non C2 traffic to that site, reducing suspicion.
The main features of Aspect beacons:
Beacons can be generated and used in several different formats.
Advanced process injection allows the operator to execute virtually any type of injections.
Highly configurable beacons allowing for the customization sleep respond times custom user agents and more
HTTPS c2 communications allow for encryption to and from the c2
Proxy aware allowing for all callbacks to use the current system proxy
Current modules:
Built in privilege escalation exploits
A ghost log module capable of disabling ETW and sysmon
Mimi Katz support for all your credential theft needs
Reverse SOCKS proxy
Stdapi containing common commands to interact with the file system
Easy data exfiltration
The product is tested on: windows 7,windows 8, windows 10 and there respective server additions
Disclaimer: We only deal through the guarantor
Price: 2000
Contact: PM first for jabber
Rules:
Reselling of this product is strictly forbidden
I am here today to present Aspect
Aspect is a modular post exploitation framework designed to successfully operate on mature environments, and aims to be a alternative to the well known threat emulation tool known as cobalt strike.
It uses a range of methods to evade EDR and AV while allowing the operator to continue using tooling and tradecraft they are familiar with.
It is powered by c ++ c and c #, And uses a custom built engine for payload generation that we have named "aspect +".
By morphing the capabilities of aspect + with the capabilities of Aspect it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs and more fully inside memory without a single file being written to disk.
Steps are taken to avoid userland API hooking, anti DLL injection to make it harder for EDR to load code into the beacons and official Microsoft mitigation methods to protect spawn processes.
The main features of the Aspect command and control network:
The aspect C2 is built to run on docker allowing for ease of cross platform use
The C2 is a extremely modular platform allowing for users to create new modules that can interact with and task beacons
Custom beacons are able to be built and used with an easy to implement protocol
The C2 server is able to mirror any website in real time, relaying all non C2 traffic to that site, reducing suspicion.
The main features of Aspect beacons:
Beacons can be generated and used in several different formats.
Advanced process injection allows the operator to execute virtually any type of injections.
Highly configurable beacons allowing for the customization sleep respond times custom user agents and more
HTTPS c2 communications allow for encryption to and from the c2
Proxy aware allowing for all callbacks to use the current system proxy
Current modules:
Built in privilege escalation exploits
A ghost log module capable of disabling ETW and sysmon
Mimi Katz support for all your credential theft needs
Reverse SOCKS proxy
Stdapi containing common commands to interact with the file system
Easy data exfiltration
The product is tested on: windows 7,windows 8, windows 10 and there respective server additions
Disclaimer: We only deal through the guarantor
Price: 2000
Contact: PM first for jabber
Rules:
Reselling of this product is strictly forbidden