Amnesiac
  • Welcome
  • Intended Usage
  • Get-Started
    • Quick Start
  • Main Menu
    • Available Commands
    • Main Menu Structure
    • [0] Scan Network for Admin Access
    • [1] Single-Listener (single target)
    • [2] Global-Listener (multiple targets)
    • [3] Scan Network for Listening Targets
    • Bookmarks
    • Payload Types
    • Payload Delivery
    • Serving Scripts
    • Sessions Display
    • Targets
    • Terminate Sessions
  • Sessions
    • Core Commands
      • Download
      • Exit
      • GListener
      • GLSet
      • Help
      • Kill
      • OneIsNone
      • Scramble
      • Sync
      • Toggle
      • Upload
    • System Commands
      • AV
      • Net
      • Process
      • Services
      • Sessions
      • Software
      • Startup
    • User Activity
      • ClearLogs
      • Clipboard
      • History and ClearHistory
      • Keylog and KeylogRead
      • ScreenShot and Screen4K
    • Scripts Loading
      • Mimi
      • Patch and PatchNet
      • PInject
      • PowerView
      • Rubeus
      • TLS
    • Local Actions
      • Ask4Creds
      • AutoMimi
      • CredMan
      • Dpapi
      • GetSystem
      • HashGrab
      • Hive
      • Kerb
      • Migrate
      • Monitor
    • Domain Actions
      • DCSync
      • CredValidate
      • Impersonation
      • LocalAdminAccess
      • PassSpray
      • Remoting
      • SessionHunter
  • Beware
    • Encryption
    • Non-Domain-Joined systems
    • SessionID 0
    • Timeouts
Powered by GitBook
On this page
  1. Beware

Encryption

Encrypted Payloads and Comms

While Amnesiac is a powerful and versatile tool, it's essential to be aware of its current limitations and potential security risks.

As of now, Amnesiac does not support payload encryption or encrypted communication.

This means that payloads generated and executed using Amnesiac are not obfuscated or protected in any way, and may be susceptible to detection by antivirus (AV) vendors in the future.

Additionally, it's crucial to be aware that all communication to and from Amnesiac sessions is currently unencrypted. The lack of encrypted communication means that sensitive data transmitted during sessions could be exposed.

Future updates are planned to implement both encrypted communications and payload encryption to mitigate these risks. Until these updates are available, users should exercise caution and consider the potential security implications when using Amnesiac in their security assessments.

Last updated 1 year ago