Upcoming Releases

2.1.X
  • More rapid series of UAC bypass related features

  • 2.1.X series will conclude Winter 2024 with a comprehensive test pattern for common UAC bypass indicators of compromise


Development Blog

9/4/24 - 2.1.2 Released
  • SDCLT UAC Bypass Macro Added

  • Event Viewer Registry UAC Bypass Macro Added

  • Add support for one-time commands to be added by macros

  • Alpha feature - adds audit commands

  • Alpha feature - improved support for Python service testing

6/13/24 - 2.1.1 Released
  • CMSTP UAC Bypass Macro Added

4/5/24 - 2.1 Released
  • Client telemetry gathering - add framework for gathering end-point telemetry

  • Alpha support - Running the python daemon as a service

  • Windows 11 Test Suite Support

2/7/24 - 2.0.1 Released!
  • Add support for secure commander sessions, unencrypted command sessions will be deprecated later.

2/3/24 - 2.0.0 Released!
  • Add "harvest_pwd" command - daemons will crawl current working directory for content to upload

  • Native text shells previously were not dynamically responsive to network latency, now will respond dynamically to data availability

  • Java Stager Support - Staged java payloads are now generated and supported

  • Mac Support - Python and Server will both run on Mac platforms

  • C# stager generation contains a full end-to-end integration test

  • C# stager code can be generated with automatic randomization and obfuscation

  • Blue Team Guide expanded to include several IOCs, including

    • Windows registry key persistence

    • Launch daemon process using Windows Local Machine registry for process debugging

    • Launch daemon process using the SilentProcessExit registry key

  • Refactored harvest_user_dir implementation for streamlined maintenance

  • Expand user enumeration to non-Windows platforms

  • Windows Powershell reverse shell support added

  • Obfuscated powershell mode

  • Obfuscated Windows command line mode


12/7/22 - 1.0.0 Released!
  • Code quality widget and cleanup


11/7/22 - 0.9.4 Released!
  • Blue Team Indicator of Compromise Recommendation Suite


9/15/22 - 0.9.3 Released!
  • Integrated testing for Python HTTPS and DNS daemons in unit suite

  • Improved Integration Documentation

  • Commands-run auditing record


9/6/22 - Hi folks! I'm starting a new development blog for TheAllCommander. Until I move to a WP based solution, I'm going to be hosting it the old fashioned way on my personal site here. My goal here is to keep the growing user base up to speed on new developments and upcoming features. If you have any feedback, such as desired features or bugs to report, please open an issue on the github page.