(iOS, M1, Android, IoT, macOS, Linux, Windows, etc.)
Voodoo supports targets based on Intel x64 and both traditional ARM and ARM64 processors. Being able to pivot seamlessly through all targeted endpoints means more thorough testing of targeted information systems and more accurate risk assessments.
(UAC bypasses, privilege escalation, Active Directory enumeration, etc.)
Toolkits should be designed to enable operators to safely and effectively get more done in less time. To this end, VooDoo provides an online Armory, which enables operators to leverage crowdsourced and UltraViolet-created munitions that empower operators to overcome obstacles without breaking a sweat. Each munition is rated and peer reviewed.
Segmented networks are no longer an issue with the pivoting capabilities of Voodoo. Multiple agents can be chained together with dynamic, fault-tolerant routes to provide access into heavily secured networks, including segments without direct internet access (e.g., cardholder data environments (CDEs) and OT/SCADA systems).
ULTRAVIOLET VOODOO KEY BENEFITS AT A GLANCE
Stay one step ahead of detections by leaving minimal footprints as you go. VooDoo’s OPSEC-centric design allows for the in-memory execution of agents that can load, on the fly, in-memory-only scripting engines, enabling operators to easily load host-specific tools, including Python, C#, .NET, and PowerShell scripts. In addition, many other types of binaries can be executed from memory only, including Mach-O, Bundles, ELF, SO, PE, and DLL.
No longer are operating systems the boundaries for your operations. VooDoo’s cross-platform design works across all major operating systems: Windows, Linux, macOS, Android, and iOS. Operating system doesn’t matter; traverse your target network as you please. The interface is consistent across each OS and there are no differences in command syntax. Simply select your target OS when creating a stager and then make your choice from multiple deployment methods.
Voodoo had teamwork in mind when it came to designing the user interface. It comes with a slick graphical web interface that supports multiple users with varying access levels. Multiple operators can interact with the same agents simultaneously. One operator can pilfer a target while another operator is working on furthering accesses. Junior operators and supervisors can easily follow along with read-only access in real time.
VooDoo is a post-exploitation platform for covert interactive cyber operations. Designed from the ground up to be stealthy, stable, and versatile, VooDoo enables a red team operator to chain agents together through a series of call-back (reverse) and call-in (connect) payloads across multiple various operating systems. This chain provides deep access into target networks and to information systems that should never communicate via the Internet, such as SCADA networks, CDEs, and internal databases.
