Jektor – A Windows User-Mode Shellcode Execution Tool That Demonstrates Various Techniques That Malware Uses

This utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victim system Dynamically resolves API functions to evade IAT inclusion Includes usage of undocumented NT Windows API functions Supports local shellcode execution via CreateThread Supports remote shellcode execution via CreateRemoteThread Supports local shellcode injection via QueueUserAPCRead More

DInjector – Collection Of Shellcode Injection Techniques Packed In A D/Invoke Weaponized DLL

This repository is an accumulation of my code snippets for various shellcode injection techniques using fantastic D/Invoke API by @TheWover and @FuzzySecurity. Features: Fully ported to D/Invoke API Encrypted payloads which can be invoked from a URL or passed in base64 as an argument Built-in AMSI bypass PPID spoofing and block non-Microsoft DLLs (stolen fromRead More

ThreadBoat – Program Uses Thread Execution Hijacking To Inject Native Shell-code Into A Standard Win32 Application

Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. About I developed this small project to continue my experiences of different code injection methods and to allow RedTeam security professionals to utilize this method as a unique way to perform software penetration testing. With Thread hijacking, it allows the hijacker.exe programRead More

GoPurple – Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions

This project is a simple collection of various shell code injection techniques, aiming to streamline the process of endpoint detection evaluation, beside challenging myself to get into Golang world. Installation 1 – Requires go installed. 2 – Build the application from the project’s directory: go build. Set GOOS=windows if the build system is not Windows.Read More

PEzor – Open-Source Shellcode And PE Packer

Read the blog posts here: https://iwantmore.pizza/posts/PEzor.html https://iwantmore.pizza/posts/PEzor2.html https://iwantmore.pizza/posts/PEzor3.html https://iwantmore.pizza/posts/PEzor4.html Installation The install.sh is designed to work on a Kali Linux distro. ________________< PEzor!! v3.0.3 > —————- / // |___/| / // \ /0 0 __ / // | / / /_/ // | @_^[email protected]’/ /_ // | //_^_/ /_ // | ( //) | ///Read More

Go-Shellcode – A Repository Of Windows Shellcode Runners And Supporting Utilities

go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber CreateProcess CreateProcessWithPipe CreateRemoteThread CreateRemoteThreadNative CreateThread CreateThreadNative EarlyBird EtwpCreateEtwThread NtQueueApcThreadEx (local) RtlCreateUserThread Syscall Shellcode Utils UuidFromStringA CreateFiber This application leverages the Windows CreateFiber function from the Kernel32.dllRead More

Charlotte – C++ Fully Undetected Shellcode Launcher

c++ fully undetected shellcode launcher 😉 releasing this to celebrate the birth of my newborn description 13/05/2021: c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. dynamic invoking of win32 api functions XOR encryption of shellcode and function names randomised XOR keys and variables per run on Kali Linux, simply ‘apt-get install mingw-w64*’Read More

CSSG – Cobalt Strike Shellcode Generator

Adds Shellcode – Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used to more easily generate and format beacon shellcode Generates beacon stageless shellcode with exposed exit method, additional formatting, encryption, encoding, compression, multiline output, etc shellcode transforms are generally performed in descending menu order Requirements: TheRead More

Obfuscator – The Program Is Designed To Obfuscate The Shellcode

The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1) XOR2) AES The tool accepts shellcode in 4 formats. 1) base642) hex3) c4) raw Command Line Usage Usage Description—– ———–/f Specify the format of the shellcode base64 hex c raw/enc Specify the encryption type (aes or xor) in which theRead More

EternalBlueC – EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader

[*]EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode[*] ms17_vuln_status.cpp – This program sends 4 SMB packets. 1 negociation packet and 3 requests. This program reads the NT_STATUS response from a TransNamedPipeRequest ( PeekNamedPipe request ) and determines if NT_STATUS = 0xC0000205 ( STATUS_INSUFF_SERVER_RESOURCES ).Read More

X