You are here : Home » Security tools » MacroPack

MacroPack

About MacroPack

MacroPack is a tool used to automate obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments.
The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation.
It also provides a lot of helpful features useful for redteam or security research.
The community version is free and available on Github.

MacroPack Pro

MacroPack Pro version is a weaponized version for professionals only. The pro mode includes features such as:

  • Advance antimalware bypass
  • Shellcode injection
  • Support of EXCEL 4.0 Macro (XLM)
  • Command line obfuscation (Dosfuscation)
  • ASR and AMSI bypass
  • Self unpacking VBA/VBS payloads
  • Trojan existing MS Office documents, Help files and Visual Studio projects.
  • Anti reverse engineering
  • Sandbox detection
  • Support of more formats such as Excel 4.0 SYLK and compiled help files
  • Run advanced VB payload from unusual formats
  • Weaponized templates and additional templates (ex EMPIRE, AUTOSHELLCODE)
  • Excel 4.0 macros (XLM)
  • Lot of more advanced stuff

Some short demo videos are available on the sevagas youtube channel.

Note that MP pro is only available as a commercial offer for professionals. If you are in an offensive security audit team and would like more informtion on how to get "pro" version you can contact me at emeric.nasi[ at ]sevagas.com.