Development

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1 @@
+

.travis.yml

@@ -1,2 +1,16 @@
 os: windows
 language: shell
+
+env:
+  - MSBUILD_PATH="/C/Program Files (x86)/Microsoft Visual Studio/2017/BuildTools/MSBuild/15.0/Bin"
+
+install:
+  - choco install sysinternals python2 python3 7zip
+  - psexec -s powershell.exe -command 'Add-WindowsCapability –Online -Name NetFx3~~~~'
+
+before_script:
+  - export PATH=$MSBUILD_PATH:$PATH
+
+script:
+  - msbuild.exe HastyArp/HastyArp.sln //m -p:Configuration=Release
+  - ls -lisa

HastyArp/README.md

@@ -1 +1,53 @@
+# HastyArp 
+A post-explotation ARP.exe command implemented in pure C#.
 
+## Build 
+All binaries in HastySeries are built targeting .NET 3.5, for windows 7+ support. The following build env should be used:
+
+* Windows 10 - 1803
+* Visual Studio 2017
+* .NET 3.5 
+* `choco install sysinternals` or strings from SysInternals in your current path
+
+ALL HastySeries compiled binaries can be found on the github page with the most recent releases. NOTE: THESE have many static sigs.. dont drop to disk unless you are sure they are cleared via PSP testing.
+
+## Operate
+### Command Examples:
+```cmd
+C:\Users\rt\Desktop\HastySeries\bin\Release>HastyArp.exe
+```
+### Expected Output:
+```cmd
+Interface: INT: 1 --- TYPE: 4 --- IP: 224.0.0.22
+        224.0.0.22          00-00-00-00-00-00
+        239.255.255.250     00-00-00-00-00-00
+Interface: INT: 3 --- TYPE: 4 --- IP: 224.0.0.22
+        224.0.0.22          01-00-5E-00-00-16
+Interface: INT: 7 --- TYPE: 3 --- IP: 192.168.137.2
+        192.168.137.2       00-50-56-E9-02-48
+        192.168.137.254     00-50-56-E3-0F-55
+        192.168.137.255     FF-FF-FF-FF-FF-FF
+        224.0.0.22          01-00-5E-00-00-16
+        224.0.0.251         01-00-5E-00-00-FB
+        224.0.0.252         01-00-5E-00-00-FC
+        255.255.255.255     FF-FF-FF-FF-FF-FF
+Interface: INT: 8 --- TYPE: 2 --- IP: 169.254.169.254
+        169.254.169.254     00-00-00-00-00-00
+        169.254.241.22      00-00-00-00-00-00
+        169.254.255.255     FF-FF-FF-FF-FF-FF
+        224.0.0.22          01-00-5E-00-00-16
+        224.0.0.251         01-00-5E-00-00-FB
+        224.0.0.252         01-00-5E-00-00-FC
+        239.255.255.250     01-00-5E-7F-FF-FA
+        255.255.255.255     FF-FF-FF-FF-FF-F
+```
+
+## OpSec
+### Strings
+To prevent some basic string matching, some basic precautions where taken. of course this is a example and if OpSec is upmost concern change static key and use the `HastyFixup` string fixup project to build new strings before re-compile.
+
+1) All strings are XOR'd with a static key 
+2) All strings are than encoded with Base64 
+3) Strings are decoded at execution 
+4) Strings are XOR'd with static key
+5) String is presented to console 

HastyDrives/README.md

@@ -0,0 +1,43 @@
+# HastyDrives 
+A post-explotation command implemented in pure C# to list all drives and details that may be useful to a operator.
+
+## Build 
+All binaries in HastySeries are built targeting .NET 3.5, for windows 7+ support. The following build env should be used:
+
+* Windows 10 - 1803
+* Visual Studio 2017
+* .NET 3.5 
+* `choco install sysinternals` or strings from SysInternals in your current path
+
+ALL HastySeries compiled binaries can be found on the github page with the most recent releases. NOTE: THESE have many static sigs.. dont drop to disk unless you are sure they are cleared via PSP testing.
+
+## Operate
+### Command Examples:
+```cmd
+C:\Users\rt\Desktop\HastySeries\bin\Release>HastyDrives.exe
+```
+### Expected Output:
+```cmd
+*-------------------------HastyDrives-------------------------*
+|Drive C:\
+|  Drive type: Fixed
+|  Volume label:
+|  File system: NTFS
+|  Available space to current user:    21268123648 bytes
+|  Total available space:              21268123648 bytes
+|  Total size of drive:                63778582528 bytes
+*--------------------------------------------------------------*
+|Drive D:\
+|  Drive type: CDRom
+*--------------------------------------------------------------*
+```
+
+## OpSec
+### Strings
+To prevent some basic string matching, some basic precautions where taken. of course this is a example and if OpSec is upmost concern change static key and use the `HastyFixup` string fixup project to build new strings before re-compile.
+
+1) All strings are XOR'd with a static key 
+2) All strings are than encoded with Base64 
+3) Strings are decoded at execution 
+4) Strings are XOR'd with static key
+5) String is presented to console 

HastyDump/README.md

@@ -12,7 +12,33 @@ All binaries in HastySeries are built targeting .NET 3.5, for windows 7+ support
 ALL HastySeries compiled binaries can be found on the github page with the most recent releases. NOTE: THESE have many static sigs.. dont drop to disk unless you are sure they are cleared via PSP testing.
 
 ## Operate
-
+### Command Examples:
+```cmd
+C:\Users\rt\Desktop\HastySeries\bin\Release>HastyDump.exe -help
+C:\Users\rt\Desktop\HastySeries\bin\Release>HastyDump.exe 13028 "C:\\Users\\rt\\Desktop\\test.bin"
+```
+### Expected Output:
+```cmd
+[*] RUNTIME TARGET CHECKS:
+        OperatingSystem Version: Microsoft Windows NT 6.2.9200.0
+        Target MachineName: DESKTOP-1VRIH74
+        Target DomainName: DESKTOP-1VRIH74
+        Target UserName: rt
+        Target Time Zone: Pacific Standard Time
+        Target Time: 8/18/2019 9:56:55 PM
+        Target ProcessorCount: 4
+[*] SUCCESS: Obtained process image name
+[*] SUCCESS: Obtained process image name
+[*] INFO: target image: \Device\HarddiskVolume4\Windows\System32\cmd.exe
+[*] SUCCESS: Creating file stream/handle: C:\\Users\\rt\\Desktop\\test.bin
+[*] IMAGE TARGET DETAILS:
+        Image size: 129872 KB
+        Image location: C:\Users\rt\Desktop\test.bin
+[*] INFO: Close file handle of: C:\\Users\\rt\\Desktop\\test.bin
+[*] INFO: Close process handle of process ID: 13028
+```
+### Example Screenshot:
+![2019-08-18 21_59_48-Command Prompt](https://user-images.githubusercontent.com/8761706/63241898-0e0da380-c25e-11e9-8c4d-a50a7688b600.png)
 
 ## OpSec
 ### Strings
@@ -22,4 +48,4 @@ To prevent some basic string matching, some basic precautions where taken. of co
 2) All strings are than encoded with Base64 
 3) Strings are decoded at execution 
 4) Strings are XOR'd with static key
-5) String is presented to console 
+5) String is presented to console