6 个仓库
Applies XOR or AES-CBC encryption to shellcode to prevent static analysis and signature-based detection.
Distinct from Payload Encryptions: Distinct from Payload Encryptions: focuses on encrypting shellcode for evasion, not general database payload encryption.
Explore 6 awesome GitHub repositories matching security & cryptography · Shellcode. Refine with filters or upvote what's useful.
CppGuide is a curated collection of educational resources and practical guides focused on C++ server development, Linux kernel internals, concurrent programming, network protocols, and security exploitation. It provides structured learning paths for backend developers, covering everything from interview preparation to building high-performance network servers and understanding operating system fundamentals. The guide distinguishes itself by offering in-depth, hands-on tutorials that walk through real-world implementations, including building a Redis-like server from scratch, designing custom
Demonstrates encrypting shellcode payloads to evade static analysis.
本项目是一个红队知识库和进攻性安全手册,旨在模拟对手行为。它作为技术指南和战术的综合集合,用于执行红队行动。 该存储库提供了 Active Directory 渗透测试的详细说明,包括 Kerberos 滥用和域权限提升。它涵盖了通过 API 解钩 (unhooking) 和载荷混淆进行的防御规避,以及涉及内核对象和系统内存操作的 Windows 内部研究。 功能范围扩展到网络渗透测试、恶意软件分析与工程,以及进攻性安全基础设施的部署。它还包括在企业环境中进行横向移动、持久化和数据外泄的方法。
Details the use of custom encoders and AES-CBC encryption to hide shellcode signatures from security software.
Donut is a toolset for loading and executing payloads in memory, featuring a position-independent shellcode generator, an in-memory payload injector, and a .NET assembly loader. It is designed to convert executable files and scripts into shellcode that can be executed within the memory space of a remote process without writing files to disk. The project specializes in security evasion through memory-based patching and payload obfuscation using symmetric block ciphers and compression. It includes a remote payload stager to retrieve encrypted modules from HTTP or DNS servers during runtime, red
Protects generated payloads with 128-bit symmetric encryption using the Chaskey block cipher.
EQGRP 是一个远程访问木马框架和后渗透工具包。它提供了一个集中式命令与控制基础设施,用于部署持久化植入物并管理跨不同操作系统的远程智能体。 该项目包括用于数字取证规避的工具,例如修改系统日志和文件系统时间戳以删除执行痕迹。它具有一个网络拦截系统,用于通过挂钩系统根目录来捕获和重构数据流,以及专为内核权限提升而设计的漏洞利用,以将进程权限提升为管理根权限。 该工具包涵盖了广泛的功能,包括远程代码执行、用于签名规避的 Shellcode 打包,以及移动设备日志和电信记录的渗出与解析。它还提供用于绑定网络端口和浏览解密归档的工具。
Includes shellcode packing and encryption to bypass signature-based security detection.
Veil is a payload generation framework and a suite of tools designed to automate the creation of obfuscated binaries and encoded shellcode. It functions as an anti-virus evasion tool that transforms binary code to bypass security scanners and endpoint detection software. The framework utilizes multi-language payload generation, employing various programming language compilers to create executables that evade signature-based detection. It includes an evasive shellcode encoder to remove forbidden characters and apply obfuscation techniques to hide payload logic. The project covers the generati
Applies encoding and encryption to shellcode to remove forbidden characters and bypass signature-based detection.
OffensiveRust is a red team toolkit and malware development kit written in Rust. It serves as an evasion framework and post-exploitation library, providing a collection of offensive security primitives and a Windows API wrapper for interacting with low-level system functions and undocumented APIs. The project focuses on bypassing security software through direct system calls, memory obfuscation, and stealthy payload execution. It implements techniques to defeat static binary analysis via compile-time string encryption and payload obfuscation, while avoiding detection using parent process ID s
Applies XOR or AES-CBC encryption to shellcode to prevent static analysis and signature-based detection.