How can we as Red Teamers, Penetration Testers, and Ethical Hackers be one step ahead of those wanting to destroy our infrastructure? Can our organization detect an ongoing attack? If they avoid detection, how will we respond?
The only way to answer these questions is by putting our organizations to the test through Red Team operations and consistent Penetration Testing.
With the new release of Sickle V4 a handler module has been added to easily distribute payloads generated by a variety of C2 frameworks including but not limited to Havoc.
When crafting your exploits you can now generate first stage shellcode using Sickle, leverage the handler module to distribute the second stage and deliver malware to multiple devices over TCP or HTTPS.
I hold no responsibility for your actions when using this tool! So always operate within the confines of the law!
Happy Halloween!