You are here : Home » Security tools » MacroPack


About MacroPack

MacroPack is a tool used to automate obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments.
The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation.
It also provides a lot of helpful features useful for redteam or security research.
The community version is free and available on Github.

MacroPack Pro

MacroPack Pro version is a weaponized version for professionals only. The pro mode includes features such as:

  • Advance antimalware bypass
  • Multiple Shellcode injection method
  • Support of EXCEL 4.0 Macro (XLM)
  • Command line obfuscation (Dosfuscation)
  • ASR and AMSI bypass
  • Self unpacking VBA/VBS payloads
  • Trojan existing MS Office documents, Help files and Visual Studio projects.
  • Anti reverse engineering
  • Sandbox detection
  • Support of more formats such as Excel 4.0 SYLK and compiled help files
  • Run advanced VB payload from unusual formats
  • Weaponized templates and additional templates (ex EMPIRE, AUTOSHELLCODE)
  • Lot of more advanced stuff

For more information, read about MacroPack Pro on the BallisKit website.

Note that MP pro is only available as a commercial offer for professionals. If you are in an offensive security audit team and would like more information on how to get "pro" version you can contact me at emeric.nasi[ at ]