Offensive Security Techniques Repo: RustRedOps

by | Feb 23, 2024 | Tools

Post Views: 3,709

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon

Reading Time: 2 Minutes

RustRedOps

RustRedOps by joaoviictorti is a repository dedicated to gathering and sharing various tools, projects, advanced techniques and offensive malware related to Red Team operations, with a specific focus on the Rust programming language. It can help penetration testers who want to perform security assessments and intrusion tests.

See Also: A Practical Guide to Hacking Techniques for finding Top Bugs.
The Bug Bounty Hunting Course

Contents

The repository is organized into several projects, each with its own purpose and functionality. Here are some examples of the projects included:

  1. APC Injection

    • This project exploits the Asynchronous Code Injection (APC) technique to execute malicious code in target processes.

  2. Early Bird APC Injection

    • It focuses on a variation of APC injection, executing code before the main process starts.

  3. Local Payload Execution

    • This project addresses the direct execution of malicious payloads in a system’s local environment.

  4. Process Argument Spoofing

    • Exploits the technique of masking or altering the arguments of a process to hide malicious activity.

  5. Process Injection (DLL)

    • It focuses on injecting dynamic link libraries (DLL) into running processes to execute malicious code.

  6. Process Injection (Shellcode)

    • It exploits shellcode injection directly into running processes to control or execute malicious tasks.

  7. Local Thread Hijacking

    • This project deals with hijacking the threads of processes running on the local system to execute malicious code.

  8. Remote Thread Hijacking

    • It addresses the hijacking of threads in remote system processes to carry out malicious actions.

  9. Local Function Stomping Injection

    • It focuses on replacing locally running functions with malicious code, changing their default behavior.

  10. Remote Function Stomping Injection

    • It exploits the substitution of functions in remote systems to carry out malicious activities.

  11. Local Mapping Injection

    • Performing malicious code injection via memory mapping into local processes.

  12. Remote Mapping Injection

    • Performing malicious code injection via memory mapping into remote processes.

  13. Minidump-rs

    • Dumping the lsass.exe process.

  14. Registry Shellcode

    • Writing and reading shellcode to the Windows Registry.

  15. API Hooking

    • Demonstration on API hooking which is a programming technique that allows you to intercept and manipulate calls to Windows API functions.

  16. Encryption AES (Shellcode)

    • Encrypting / Decrypting a shellcode using AES.

  17. Encryption RC4 (Shellcode)

    • Encrypting / Decrypting a shellcode using RC4.

  18. String Hashing

    • Creating string hashes to perform hiding.

  19. Anti-Debug

    • Techniques Anti-Debugging.

  20. Local Payload Execution (Linux)

    • This project deals with the direct execution of malicious payloads in the local environment of a system in which we focus on linux.

  21. Syscalls

    • This project focuses on the injection attack in the local process, but using syscalls directly.

  22. Anti-Analysis

    • Techniques Anti-Analysis.

  23. Remove CRT

    • It focuses on removing the CRT (C Runtime Library) from the binary.

  24. Request Shellcode

    • Retrieving shellcode from HTTP requests using Rust.

  25. Enumeration Process

    • Enumerating processes with Rust.

  26. IAT

    • IAT obfuscation by replacing GetProcAddress and GetModuleHandle.

  27. Create Driver

    • It’s a project to demonstrate how to create a simple driver using rust.

  28. Create DLL

    • It’s a project to demonstrate how to create dll using rust.

  29. WMI

    • Running WMI (Windows Management Instrumentation) queries.

  30. Enable All Tokens

    • Enabling all privilege tokens.

  31. PPID Spoofing

    • Demonstrating the PPID Spoofing technique.

  32. Callback Code Execution

    • Demonstration of shellcode execution via callback.

  33. Payload Execution Control

    • Controlling payload execution through Mutex, Events and Semaphores.

  34. Parsing PE Headers

    • The code is focused on parsing the PE header of any Windows executable file.

  35. Block DLL Policy

    • Avoiding the loading of DLLS not signed by Microsoft.

  36. Execute Command

    • Running commands with Rust.

  37. Payload Placement

    • Storing a shellcode in the .text section and then executing it.

  38. Payload Execution Fibers

    • Running shellcode using Fibers.

  39. Obfuscation Shellcode

    • Shellcode obfuscation using IPV4, IPV6, MAC and UUIDs.

  40. WebAssembly Shellcode

    • Running shellcode through WebAssembly.

  41. Extract WIFI

    • Extracting WIFI passwords using winapis is a customized form of the netsh command.

  42. Self Deletion

    • Technique for deleting the running binary.

  43. Binary Info

    • This is just a simple demonstration in case you want to include metadata in your Rust binary or change the associated icon.

  44. NTDLL Unhooking

    • Running NTDLL Unhooking through a suspended process.

See Also: Offensive Security Tool: Bob The Smuggler

See Also: Offensive Security Tool: Headerpwn

Resources

  • Each individual project can include a features section that details the project’s main features and functionalities.
  • You can view the installation instructions, usage and examples for each project in their respective directories.

 

Requirements

  • Rust: Rust is a modern and secure programming language used to develop the tools in this repository.
  • Cargo: Cargo is Rust’s package manager and compiler, essential for compiling and running projects.

 

Compile

Compiling the Project

To start the compilation, use the following command:

cargo build --release

Adding Destination Architectures

If you are using a different operating system or need to compile for a specific architecture, you can list all available target architectures with the following command:

rustup target list

Once you have identified the desired target architecture, add it using rustup:

rustup target add <arch>

Replace with the desired architecture, such as x86_64-pc-windows-gnu.

Compiling for a Specific Architecture

Then compile the project for the specific architecture:

cargo build --release --target <arch> 

How to get started

Follow these steps to start using the projects in this repository:

  1. Clone this repository on your local machine:

git clone https://github.com/joaoviictorti/RustRedOps.git

2. Navigate to the directory of the project you are interested in:

cd RustRedOps/ <name-project>  

3. Follow the project-specific installation and usage instructions as described in the README inside this directory.

 

 

Clone the repo from here: GitHub Link

 

See Also: Post-Exploitation Techniques: Maintaining Access, Escalating Privileges, Gathering Credentials, Covering Tracks

Merch

Recent Tools

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This