BallisKit
@balliskit.bsky.social
BallisKit provides tooling and services to professional Pentesters & Red Teams.
We develop MacroPack Pro and ShellcodePack.
www.balliskit.com
We develop MacroPack Pro and ShellcodePack.
www.balliskit.com
MacroPack v2.8.7 is out!
New GUI & updated EDR evasion! New features include Advanced LNK spoofing, expanded .NET obfuscation, and ML-evasion.
For authorized red-team use!
#RedTeam #offensivesecurity
New GUI & updated EDR evasion! New features include Advanced LNK spoofing, expanded .NET obfuscation, and ML-evasion.
For authorized red-team use!
#RedTeam #offensivesecurity
October 14, 2025 at 4:10 PM
MacroPack v2.8.7 is out!
New GUI & updated EDR evasion! New features include Advanced LNK spoofing, expanded .NET obfuscation, and ML-evasion.
For authorized red-team use!
#RedTeam #offensivesecurity
New GUI & updated EDR evasion! New features include Advanced LNK spoofing, expanded .NET obfuscation, and ML-evasion.
For authorized red-team use!
#RedTeam #offensivesecurity
The next version of MacroPack is going to be huge! A new GUI, updated EDR bypass profiles, new evasion options, and many other things :)
#redteam
#redteam
September 24, 2025 at 3:52 PM
The next version of MacroPack is going to be huge! A new GUI, updated EDR bypass profiles, new evasion options, and many other things :)
#redteam
#redteam
ShellcodePack 2.7.5 is now available!
It includes updated bypass profiles for major EDRs
We also improved:
- ML detection evasion
- ETW Patch
- CallStack Spoofing
ShellcodePack can be used to weaponize any raw shellcode or PE including DotNET, Go, and Rust :)
#redteam
It includes updated bypass profiles for major EDRs
We also improved:
- ML detection evasion
- ETW Patch
- CallStack Spoofing
ShellcodePack can be used to weaponize any raw shellcode or PE including DotNET, Go, and Rust :)
#redteam
September 8, 2025 at 4:16 PM
ShellcodePack 2.7.5 is now available!
It includes updated bypass profiles for major EDRs
We also improved:
- ML detection evasion
- ETW Patch
- CallStack Spoofing
ShellcodePack can be used to weaponize any raw shellcode or PE including DotNET, Go, and Rust :)
#redteam
It includes updated bypass profiles for major EDRs
We also improved:
- ML detection evasion
- ETW Patch
- CallStack Spoofing
ShellcodePack can be used to weaponize any raw shellcode or PE including DotNET, Go, and Rust :)
#redteam
Initial Access on MacOS made easy !
DarwinOps now supports DMG phishing profiles!
Those are on shelf realistic templates with Gatekeeper bypass techniques :)
This version also introduce a binary injection vulnerability scanner for MacOS!
#redteam
DarwinOps now supports DMG phishing profiles!
Those are on shelf realistic templates with Gatekeeper bypass techniques :)
This version also introduce a binary injection vulnerability scanner for MacOS!
#redteam
August 14, 2025 at 3:55 PM
Initial Access on MacOS made easy !
DarwinOps now supports DMG phishing profiles!
Those are on shelf realistic templates with Gatekeeper bypass techniques :)
This version also introduce a binary injection vulnerability scanner for MacOS!
#redteam
DarwinOps now supports DMG phishing profiles!
Those are on shelf realistic templates with Gatekeeper bypass techniques :)
This version also introduce a binary injection vulnerability scanner for MacOS!
#redteam
MacOS DMG phishing templates are coming in the next DarwinOps release!
Ready to use, configurable, and with new GateKeeper bypass strategies!
#redteam
Ready to use, configurable, and with new GateKeeper bypass strategies!
#redteam
August 1, 2025 at 2:55 PM
MacOS DMG phishing templates are coming in the next DarwinOps release!
Ready to use, configurable, and with new GateKeeper bypass strategies!
#redteam
Ready to use, configurable, and with new GateKeeper bypass strategies!
#redteam
A new version of MacroPack Pro with improved DotNET obfuscator, new shellcode launcher, improved clickonce, and more will be released soon! Also, after Sliver, we a preparing tutorials with Mythic Apollo and Havoc 😎
#redteam
#redteam
May 27, 2025 at 3:08 PM
A new version of MacroPack Pro with improved DotNET obfuscator, new shellcode launcher, improved clickonce, and more will be released soon! Also, after Sliver, we a preparing tutorials with Mythic Apollo and Havoc 😎
#redteam
#redteam
For us, EDR bypass is not just a buzzword.
MacroPack, ShellcodePack, and DarwinOps all come with bypass presets for major EDRs and Antivirus
Those presets are regularly updated and tested!
If you want to see a demo or an equivalent screenshot for the major EDRs contact us !
#redteam
MacroPack, ShellcodePack, and DarwinOps all come with bypass presets for major EDRs and Antivirus
Those presets are regularly updated and tested!
If you want to see a demo or an equivalent screenshot for the major EDRs contact us !
#redteam
April 3, 2025 at 3:47 PM
For us, EDR bypass is not just a buzzword.
MacroPack, ShellcodePack, and DarwinOps all come with bypass presets for major EDRs and Antivirus
Those presets are regularly updated and tested!
If you want to see a demo or an equivalent screenshot for the major EDRs contact us !
#redteam
MacroPack, ShellcodePack, and DarwinOps all come with bypass presets for major EDRs and Antivirus
Those presets are regularly updated and tested!
If you want to see a demo or an equivalent screenshot for the major EDRs contact us !
#redteam
Obfuscate SharpHound? It's now possible with MacroPack. An version of MacroPack Pro was just released to improve our DotNET obfuscator!
We now support packages build with tools like Costura!
We tested we could obfuscate SharpHound, KrbRelay, and Mythic Apollo agent
We now support packages build with tools like Costura!
We tested we could obfuscate SharpHound, KrbRelay, and Mythic Apollo agent
March 3, 2025 at 4:54 PM
Obfuscate SharpHound? It's now possible with MacroPack. An version of MacroPack Pro was just released to improve our DotNET obfuscator!
We now support packages build with tools like Costura!
We tested we could obfuscate SharpHound, KrbRelay, and Mythic Apollo agent
We now support packages build with tools like Costura!
We tested we could obfuscate SharpHound, KrbRelay, and Mythic Apollo agent
Did you know ShellcodePack can be used to pack and weaponize third party exe, dll, .NET in addition to raw shellcodes?
Example with Mimikatz!
#redteam
Example with Mimikatz!
#redteam
February 7, 2025 at 5:11 PM
Did you know ShellcodePack can be used to pack and weaponize third party exe, dll, .NET in addition to raw shellcodes?
Example with Mimikatz!
#redteam
Example with Mimikatz!
#redteam
Need initial access payloads for MacOS?
Need help to bypass EDR on MacOS?
Need undetected persistance on MacOS?
Say no more and contact us about DarwinOps
Our redteam ToolKit dedicated to MacOS!
#redteam
Need help to bypass EDR on MacOS?
Need undetected persistance on MacOS?
Say no more and contact us about DarwinOps
Our redteam ToolKit dedicated to MacOS!
#redteam
January 16, 2025 at 4:58 PM
Need initial access payloads for MacOS?
Need help to bypass EDR on MacOS?
Need undetected persistance on MacOS?
Say no more and contact us about DarwinOps
Our redteam ToolKit dedicated to MacOS!
#redteam
Need help to bypass EDR on MacOS?
Need undetected persistance on MacOS?
Say no more and contact us about DarwinOps
Our redteam ToolKit dedicated to MacOS!
#redteam
BK Tip: MacroPack LNK generator supports multiple methods to launch payloads including dropping files, download-exec, run shellcode directly in memory!
The LNK may be crafted use different lolbins and scripts polyglot properties!
And yes, we tested on EDRs.
#redteam
The LNK may be crafted use different lolbins and scripts polyglot properties!
And yes, we tested on EDRs.
#redteam
December 4, 2024 at 4:02 PM
BK Tip: MacroPack LNK generator supports multiple methods to launch payloads including dropping files, download-exec, run shellcode directly in memory!
The LNK may be crafted use different lolbins and scripts polyglot properties!
And yes, we tested on EDRs.
#redteam
The LNK may be crafted use different lolbins and scripts polyglot properties!
And yes, we tested on EDRs.
#redteam