ThreadBoat – Program Uses Thread Execution Hijacking To Inject Native Shell-code Into A Standard Win32 Application

Program uses Thread Hijacking to Inject Native Shellcode into a Standard Win32 Application. About: I developed this small project to continue my experiences of different code injection methods and to allow RedTeam security professionals to utilize this method as a unique way to perform software penetration testing. With Thread hijacking, it allows the hijacker.exe program…

GoPurple – Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions

This project is a simple collection of various shell code injection techniques, aiming to streamline the process of endpoint detection evaluation, beside challenging myself to get into Golang world. Installation: 1 – Requires go installed. 2 – Build the application from the project’s directory: go build. Set GOOS=windows if the build system is not Windows.

PEzor – Open-Source Shellcode And PE Packer

Read the blog posts here: Installation The is designed to work on a Kali Linux distro. [ASCII-art banner: PEzor!! v3.0.3] …

Go-Shellcode – A Repository Of Windows Shellcode Runners And Supporting Utilities

go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber, CreateProcess, CreateProcessWithPipe, CreateRemoteThread, CreateRemoteThreadNative, CreateThread, CreateThreadNative, EarlyBird, EtwpCreateEtwThread, NtQueueApcThreadEx (local), RtlCreateUserThread, Syscall, Shellcode Utils, UuidFromStringA. CreateFiber: This application leverages the Windows CreateFiber function from the Kernel32.dll…

Charlotte – C++ Fully Undetected Shellcode Launcher

c++ fully undetected shellcode launcher 😉 releasing this to celebrate the birth of my newborn. description 13/05/2021: c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021; dynamic invoking of win32 api functions; XOR encryption of shellcode and function names; randomised XOR keys and variables per run; on Kali Linux, simply ‘apt-get install mingw-w64*’…

CSSG – Cobalt Strike Shellcode Generator

Adds Shellcode – Shellcode Generator to the Cobalt Strike top menu bar. CSSG is an aggressor and python script used to more easily generate and format beacon shellcode. Generates beacon stageless shellcode with exposed exit method, additional formatting, encryption, encoding, compression, multiline output, etc. Shellcode transforms are generally performed in descending menu order. Requirements: The…

Obfuscator – The Program Is Designed To Obfuscate The Shellcode

The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption types: 1) XOR 2) AES. The tool accepts shellcode in 4 formats: 1) base64 2) hex 3) c 4) raw. Command Line Usage: /f – Specify the format of the shellcode (base64, hex, c, raw); /enc – Specify the encryption type (aes or xor) in which the…

EternalBlueC – EternalBlue Suite Remade In C/C++ Which Includes: MS17-010 Exploit, EternalBlue Vulnerability Detector, DoublePulsar Detector And DoublePulsar Shellcode & DLL Uploader

[*] EternalBlue suite remade in C which includes: MS17-010 Exploit, EternalBlue/MS17-010 vulnerability detector, DoublePulsar detector and DoublePulsar UploadDLL & Shellcode [*] ms17_vuln_status.cpp – This program sends 4 SMB packets: 1 negotiation packet and 3 requests. This program reads the NT_STATUS response from a TransNamedPipeRequest (PeekNamedPipe request) and determines if NT_STATUS = 0xC0000205 (STATUS_INSUFF_SERVER_RESOURCES).