KingPhisher Template
Excel Maldoc Templates
KingPhisher is an open-source tool developed by members of SecureState. In order to extend the functionality of this application, I created several Excel templates that were designed to deliver a Powershell Empire payload while bypassing typical antivirus controls. One template made publicly available was a raffle ticket template, where users press a button to generate a number but a powershell payload is dropped silently in the background.
At the time of testing, email filters were flagging on the Auto_Open() functionality of a macro. By creating a button to perform the action, the payload was able to slip past the automatic testing of certain vendors.
Data URI Phishing
As a result of all the blog discussion around phishing using the data URI, I created a guide and helped contribute to a script that would allow users to create and deploy their own awareness campaign using this method.