BallisKit

@BallisKit

BallisKit provides tooling and services to professional Pentesters & Red Teams. We develop MacroPack, ShellcodePack, and DarwinOps. #redteam #infosec

France

Joined June 2020

33Following

3KFollowers

Pinned

BallisKit Retweeted

Emeric Nasi@EmericNasi · Jun 17

I have arrived in Athens, I will be attending @TheOffensiveX tomorrow! Ping me if you are there!

961

BallisKit@BallisKit · Jul 22

We are adding a binary injection vulnerability scanner to DarwinOps! -> A DarwinOps JXA template -> Scan for Injection vulnerabilities in binaries and Apps Vulnerable binaries could be abused to bypass EDR, hide a backdoor, access memory, or bypass TCC! #redteam

BallisKit's tweet image. We are adding a binary injection vulnerability scanner to DarwinOps!
-&gt; A DarwinOps JXA template
-&gt; Scan for Injection vulnerabilities in binaries and Apps

Vulnerable binaries could be abused to bypass EDR, hide a backdoor, access memory, or bypass TCC!

#redteam

796

BallisKit Retweeted

Melvin langvik@Flangvik · Jul 8

New video out 😊 showing how you can take control of port 445 and perform those magical relay attacks toward AD CS when working from a C2 agent. Way easier than before thanks to some great research by @zyn3rgy youtube.com/watch?v=e4f3h5…

236

154

24.0K

BallisKit@BallisKit · Jun 23

MacOS security is very different from Windows. DarwinOps, our redteam tool targeting MacOS can help you tackle that issue! @antoinedss just posted on our blog to help you understand the basics of initial access on MacOS with DarwinOps #redteam blog.balliskit.com/macos-initial-…

BallisKit's tweet card. You just received the email with DarwinOps — what should you do next? Short intro to MacOS security and DarwinOps for RedTeams.

4.0K

BallisKit@BallisKit · Jul 1

🔥 Not your typical remote access tool… but it works. Chrome Remote Desktop isn’t just for tech support—it can be quietly repurposed for red team operations. I break down the how and why in my latest post. 👇

TTrustedSec@TrustedSec · Jul 1

Chrome Remote Desktop can offer red teamers a subtle way to bypass restrictions—if they know how to use it. In this blog, @Oddvarmoe reveals a practical guide to repurposing Chrome Remote Desktop on red team operations. Read it now! trustedsec.com/blog/abusing-c…

117

14.0K

BallisKit@BallisKit · Jun 25

Here is a reminder that a Powerful DotNET obfuscator is available in MacroPack. Assembly level obfuscation (or course). With the latest 2.7.5 it supports all your favorite #redteam DotNET tools! And tested on major EDRs :) blog.balliskit.com/obfuscation-an…

BallisKit's tweet card. For a couple of years now, .NET have been the go to language for a lot of famous offensive security tools like Rubeus, SeatBelt…

163

11.0K

BallisKit@BallisKit · May 27

A new version of MacroPack Pro with improved DotNET obfuscator, new shellcode launcher, improved clickonce, and more will be released soon! Also, after Sliver, we a preparing tutorials with Mythic Apollo and Havoc 😎 #redteam

BallisKit's tweet image. A new version of MacroPack Pro with improved DotNET obfuscator, new shellcode launcher, improved clickonce, and more will be released soon! Also, after Sliver, we a preparing tutorials with Mythic Apollo and Havoc 😎

#redteam

2.0K

BallisKit@BallisKit · Jun 6

New tuto! Weaponize Mythic Apollo using MacroPack and ShellcodePack. Tested on EDRs of course. blog.balliskit.com/tutorial-mythi… #redteam

BallisKit's tweet card. Learn how to weaponize Mythic Apollo with BallisKit redteaming tools

4.0K

BallisKit Retweeted

Melvin langvik@Flangvik · May 25

The video is sponsored by @BallisKit They have been a huge supporter of my on-and-off streaming/YouTube journey for a year++ now, which I greatly appreciate 🥰

1.0K

BallisKit Retweeted

Melvin langvik@Flangvik · May 25

It’s been a while since I made a video🫥, so here’s one looking at LDAPx by @MacmodSec , which is based on the amazing research present last year by @sabi_elezi and @danielhbohannon youtu.be/GZ7Vbvf2Dso

12.0K

BallisKit@BallisKit · May 21

Rubeus and Mythic Apollo DotNET Payload Obfuscation with MacroPack! This video demonstrates the next MacroPack Pro features: - DotNET obfuscation and evasion - EDR Bypass ready to use profiles - Compatibility with Mythic Apollo stager #redteam youtu.be/mzuT1MAQSXY

7.0K

BallisKit@BallisKit · May 14

DLL injection and DLL proxying on macOS? Yes it is possible! Checkout this blog by @antoinedss about macOS automated DYLIB injection! #redteam blog.balliskit.com/macos-dylib-in…

BallisKit's tweet card. Let’s explore Dylib injection and Dylib proxying on macOS (the equivalent of Windows DLL injection)

160

14.0K

BallisKit@BallisKit · May 6

How to weaponize Sliver C2 and evade EDRs? With BallisKit ShellcodePack and MacroPack of course! Checkout this new tutorial on our blog! #redteam blog.balliskit.com/tutorial-slive…

BallisKit's tweet card. In this tutorial, we are going to see how to drop Sliver implants while evading security solutions using BallisKit tooling for Redteam.

207

114

10.0K

BallisKit Retweeted

BallisKit@BallisKit · Jan 16

Need initial access payloads for MacOS? Need help to bypass EDR on MacOS? Need undetected persistance on MacOS? Say no more and contact us about DarwinOps Our redteam ToolKit dedicated to MacOS! #redteam

3.0K

BallisKit Retweeted

BallisKit@BallisKit · Apr 3

For us, "EDR bypass" is not just a buzzword. MacroPack, ShellcodePack, and DarwinOps all come with bypass presets for major EDRs and Antivirus Those presets are regularly updated and tested! If you want to see a demo or an equivalent screenshot for the major EDRs contact us with…

176

101

9.0K