The Veil-Framework is a collection of red team security tools that implement various attack methods focused on evading detection. It currently consists of:
- Veil-Evasion: a tool to generate antivirus-evading payloads using a variety of techniques and languages
- Veil-Catapult: a psexec-style payload delivery system that integrates Veil-Evasion
- Veil-Pillage: a modular post-exploitation framework that integrates Veil-Evasion
- Veil-PowerView: a powershell tool to gain network situational awareness on Windows domains
The Veil-Framework is located at https://github.com/Veil-Framework/, and the framework superproject is at https://github.com/Veil-Framework/Veil/ which we recommend most users use. This will pull down stable branches of each tool and update them appropriately.
excellent tool. I wonder if there would be a way to pad the encoded part to produce an overall file with lower entropy. Heuristics scanners may pick up on the PE high entropy part of the file, warranting unnecessary attention.
http://corte.si/posts/visualisation/malware/
http://deadhacker.com/2007/05/13/finding-entropy-in-binary-files/
Valid point, would be worth us looking into. If you have any suggestions, or can create a poc, we’d be interested in seeing something too
I love this tool but would it be possible to include a reverse http hop payload?
Hey guys,
Can’t tell you how much I love the work this project represents, and the superb quality of effort that’s gone into making it work by the team. I wouldn’t bother commenting otherwise.
But…
Does the project need help with documentation?
If so, can I help?
What would I need to bring to the table to be of practical use?
It looks like as the project evolved, your documentation became a bit inconsistent with itself. Minor things like directing us to run “./setup.sh” when that file might have become “./Install.sh” over time, or deprecating Catapult in favour of Pillage, but the main README.md for the “Veil” superproject still references Catapult – and so on. I feel certain this must lead to lots of (possibly?) needless support requests.
Again, I’m not here to beat you up over this; I looove the project, and want to help.
Much love for giving back, guys,
Nerishi
Hey there, that would definitely be really helpful. If you’d like, shoot me an e-mail and we can talk about it.