A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies
The Evasor is an automated security assessment tool which locates existing executables on the Windows operating system that can be used to bypass any Application Control rules. It is very easy to use, quick, saves time and fully automated which generates for you a report including description, screenshots and mitigations suggestions, suites for both blue and red teams in the assessment of a post-exploitation phase.
Download the Evasor project and complie it. Verify to exclude from the project the App.config file from the reference tree.
run Evasor.exe from the bin folder. Choose your numeric option from the follwoing:
We welcome contributions of all kinds to this repository. For instructions on how to get started and descriptions of our development workflows, please see our contributing guide.
For more comments, suggestions or questions, you can contact Arik Kublanov from CyberArk Labs: Copyright © 2020 CyberArk Software Ltd. All rights reserved. Labs. You can find more projects developed by us in https://github.com/cyberark/.