Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/maxdcb/pedropper

Create a Shellcode Dropper from any Windows Module
https://github.com/maxdcb/pedropper

cybersecurity malware-research redteam shellcode

Last synced: 28 days ago
JSON representation

Create a Shellcode Dropper from any Windows Module

Host: GitHub
URL: https://github.com/maxdcb/pedropper
Owner: maxDcb
License: mit
Created: 2023-04-25T07:12:55.000Z (over 1 year ago)
Default Branch: master
Last Pushed: 2024-09-05T07:25:41.000Z (4 months ago)
Last Synced: 2024-10-19T05:22:16.854Z (3 months ago)
Topics: cybersecurity, malware-research, redteam, shellcode
Language: C++
Homepage:
Size: 236 KB
Stars: 5
Watchers: 1
Forks: 2
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # GenerateDropperBinary

sudo apt install gcc-mingw-w64  

sudo apt install g++-mingw-w64  

pip3 install pycryptodome  

Generate a dropper for any DLL or EXE. The shellcode of the payload is generated with [Donut](https://github.com/TheWover/donut). The dropper is compile with the generated shellcode (credit to sektor7). The exe resulting has no import table, every function name are xored and the payload is AES encrypted. A dll is also generated with a "go" exported function (rundll32 implant,go), this dll could be use for dll hijacking.

Compatible with linux and windows.  

![alt text](https://github.com/maxDcb/PeDropper/blob/master/ressources/image1.png?raw=true)