{"id":20563726,"url":"https://github.com/trustedsec/nps_payload","last_synced_at":"2025-04-05T00:08:55.442Z","repository":{"id":41497711,"uuid":"98112614","full_name":"trustedsec/nps_payload","owner":"trustedsec","description":"This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources.  Written by Larry Spohn (@Spoonman1091) Payload written by Ben Mauch (@Ben0xA) aka dirty_ben","archived":false,"fork":false,"pushed_at":"2023-11-30T09:24:13.000Z","size":26,"stargazers_count":441,"open_issues_count":5,"forks_count":122,"subscribers_count":27,"default_branch":"master","last_synced_at":"2025-03-28T23:07:21.995Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/trustedsec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-23T17:01:19.000Z","updated_at":"2025-03-03T18:53:57.000Z","dependencies_parsed_at":"2024-11-16T05:00:13.650Z","dependency_job_id":null,"html_url":"https://github.com/trustedsec/nps_payload","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trustedsec%2Fnps_payload","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trustedsec%2Fnps_payload/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trustedsec%2Fnps_payload/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/trustedsec%2Fnps_payload/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/trustedsec","download_url":"https://codeload.github.com/trustedsec/nps_payload/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247266564,"owners_count":20910836,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-16T04:20:29.116Z","updated_at":"2025-04-05T00:08:55.425Z","avatar_url":"https://github.com/trustedsec.png","language":"Python","readme":"This script will generate payloads for basic intrusion detection avoidance.\nIt utilizes publicly demonstrated techniques from several different sources.\n\nWritten by Larry Spohn (@Spoonman1091)\nPayload written by Ben Mauch (@Ben0xA) aka dirty_ben\n-------------------------------------------------------------------------------------------\n\nCredits:\n\nhttps://github.com/Ben0xA/nps\n@Ben0xA\n\nBypassing Application Whitelisting using MSBuild.exe - Device Guard Example and Mitigations\nhttp://subt0x10.blogspot.com/2016/09/bypassing-application-whitelisting.html\n@subTee\n\nBypassing Virtualization and Sandbox Technologies\nhttps://www.trustedsec.com/may-2015/bypassing-virtualization-and-sandbox-technologies/\n@HackingDave\n\nSleeping Your Way out of the Sandbox\nhttps://www.sans.org/reading-room/whitepapers/malicious/sleeping-sandbox-35797\nHassan.morad@gmail.com\n\n-------------------------------------------------------------------------------------------\nv1.03\n  Cleaned up the output of the payload creation to make it easier to read and copy \u0026 paste.\n\nv1.02\n  Fixed logic in creation of a new msbuild.rc resource script\n\nv1.01\n  Added \"Custom PS1 Payload\" option.\n\nv1.0\n  Initial Release\n\n-------------------------------------------------------------------------------------------\n\nRequirements:\n\n`pip install -r requirements.txt`\n\n-------------------------------------------------------------------------------------------\n\nSetting up samba shares:\n\n1. `apt-get install samba`\n2. `vi/nano/whatever /etc/samba/smb.conf`\n3. add the following to the bottom of the file (change as appropriate)\n\n```\n[payloads$]\n   comment = Dirty Payloads\n   path = /opt/shares/payloads\n   browsable = yes\n   guest ok = yes\n   read only = yes\n```\n4. `service smbd restart`\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrustedsec%2Fnps_payload","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftrustedsec%2Fnps_payload","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftrustedsec%2Fnps_payload/lists"}