Skip to content

v1.1.0: "Age of Steel"
Compare
Choose a tag to compare
@mttaggart mttaggart released this 23 Mar 14:24
· 131 commits to main since this release
v1.1.0
6584c61
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Screenshot_20220323_060713

Less than a month after our initial release, this version adds quite a bit of exciting functionality and improvements!

selfdestruct

With the addition of this command, OffensiveNotion can now clean up after itself and leave fewer artifacts for defenders to detect!

inject self

The Windows agent now has a self-injector option for shellcode injection. This maps the shellcode into the agent's own process and executes it as a thread. This is a good option for inline execution of another C2 agent.

Docker build pipeline improvements.

The Docker image is leaner, meaner, and easier to use. The entire build process is run through Docker now, meaning the only commands you'll need are docker build and docker run.

macOS Build!

We've saved the best for last: OffensiveNotion now runs on macOS! The macOS agent has full feature parity with the Linux version, including 2 mechanisms for persistence:

  • launchagent: Creates a LaunchAgent in either the user folder or the root LaunchAgents folder, depending on elevation. And yes, elevate via sudo works!
  • loginitem: Creates a Login Item to start OffensiveNotion when the user logs in.

We've even provided instructions on the wiki for how to build a proper .app package for your engagement!

Thanks as always for supporting OffensiveNotion. We hope you enjoy using this tool as much as we enjoy building it.

Assets 5
Loading