https://github.com/pumpbin/pumpbin

🎃 PumpBin is an Implant Generation Platform.
https://github.com/pumpbin/pumpbin

adversarial-attacks application bypass-antivirus c2 command-and-control cybersecurity iced implant linux macos offensive-security redteam rust security security-tools shellcode shellcode-injection shellcode-injector shellcode-loader windows

Last synced: 1 day ago
JSON representation

🎃 PumpBin is an Implant Generation Platform.

• Host: GitHub
• URL: https://github.com/pumpbin/pumpbin
• Owner: pumpbin
• License: mit
• Created: 2024-06-11T06:55:16.000Z (6 months ago)
• Default Branch: main
• Last Pushed: 2024-07-16T04:14:09.000Z (5 months ago)
• Last Synced: 2024-11-21T16:54:25.013Z (21 days ago)
• Topics: adversarial-attacks, application, bypass-antivirus, c2, command-and-control, cybersecurity, iced, implant, linux, macos, offensive-security, redteam, rust, security, security-tools, shellcode, shellcode-injection, shellcode-injector, shellcode-loader, windows
• Language: Rust
• Homepage: https://pumpbin.b1n.io
• Size: 2.31 MB
• Stars: 266
• Watchers: 2
• Forks: 33
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - pumpbin/pumpbin - 🎃 PumpBin is an Implant Generation Platform. (Rust)

README

        


  

    

    

  

  

  

  

  


  

    

  

  

  



# 🎃 PumpBin



  



**PumpBin** is an Implant Generation Platform.

To use PumpBin, you need to have a b1n file or [Create One](https://pumpbin.b1n.io/dev/start.html).\

A b1n file contains one or more binary implant templates, along with some Extism Plug-in and some additional descriptive information.\

We usually refer to b1n file as Plugin and wasm file as Extism Plug-in.

The [plug-in](https://github.com/pumpbin/plug-in) repository collects reusable PumpBin Extism Plug-in.

![](https://github.com/pumpbin/pumpbin/assets/120295547/7f4a662e-3a78-4b16-a7bc-7f55d3369ec2)

## ✨ Features

- Powerful, simple, and comfortable UI

- Following the minimal principle to ensure maximum flexibility in usage

- Support two Plugin types: `Local` and `Remote`

- Support Extism Plug-in System, offering powerful extensibility

- Each generated implant has a different random encryption key

- Populated with randomized data, each generated implant is unique

- We have user manual, you no longer need to educate your users

- No dependencies, just PumpBin

- Support description, you can write anything about this Plugin

- No network connection(excluding Extism Plug-in)

- ... And I'm PumpBin, I have magic🪄

## 🚀 Getting Started

Check the [PumpBin Documentation](https://pumpbin.b1n.io) for more information.

## ❔ Why

Modern cybersecurity teams are divided into offensive personnel and cybersecurity researchers,

with researchers responsible for producing digital weapons.

The teams typically deploy post-exploitationtools like Cobalt Strike, BRC4, or similar.

To evade security software, researchers usually write shellcode loaders, including evasion code to create the final implant.

This process generally follows two methods.

1. Offensive personnel provide the shellcode to researchers, who then directly produce the final implant.

   This method is highly inflexible as offensive personnel must contact researchers every time they need a final implant.

1. Researchers create a binary implant template and provide a final implant generation program.

   Offensive personnel use this program to inject shellcode into the binary implant template, producing the final implant.

The second method is the reason for the creation of PumpBin, a final implant generation program.

Cybersecurity researchers only need to follow PumpBin's guidelines to write implant templates and

distribute them along with PumpBin to offensive personnel. (There are very few guidelines as PumpBin is highly flexible.)