Impacket/PsExec & MyPsExec VS Kaspersky

In some engagement, I faced a machine Kaspersky was installed on it, so I tried to access the machine via Impact/PsExec but no luck! Because Kaspersky works like a charm. From this point, I made my own PsExec try to bypass Kaspersky.

‌First, I used the PyPsexec library because I didn't have time to make something from scratch.

Then I tested the tool on my VM with Kaspersky installed. And guess what? It's working, and I can execute commands on the machine.

The tool may be published in the future, but so far, I have not completed all the features.

Features/ToDo.

• Execute commands as a specific local, SYSTEM, or domain user.

• Execute commands via CMD or PowerShell.

• Commands history.

Last update

- 9/04/2021