
https://github.com/s3lrius/nimalathatep

Nim Payload Generation

nim nim-lang nimble offensive-security red-teaming runner shellcode shellcode-injection shellcode-loader shellcode-runner


# Nimalathatep
Nimalathatep is a Nim shellcode payload generation project that aims to get a stealthy binary into your hands quickly. All methods use well-known API-call sequences.

# Evasion
AV/EDR avoidance is performed through AES encryption followed by Base64, with the payload itself only being decrypted at runtime. The IV is currently static, but I aim to change this in the future. Compiling to a control panel item is your stealthiest approach for now.

# Compilation
Ensure you have Nim downloaded from here: https://nim-lang.org/install.html

Install winim, nimcrypto, ptr_math, and sysrandom prior to compiling with the following commands:
```
nimble install winim
nimble install nimcrypto
nimble install ptr_math
nimble install sysrandom
```
To compile:
```
nim -d:release c .\nimalathatep.nim
```


# Usage
Run the executable and give it the desired API method, shellcode file, and output file type:
```.\nimalathatep.exe ```


# Defender Check
[Screenshot: Defender check]

# Changes
- Added support for all API calls to be used as an XLL
- Added random key for encryption
- Formatting fixes
- Added new API method (EnumCalendarInfo)

# To Do
- Generation option to directly place the file into a PDF as an attachment
- Custom unhook stuff
- Add option to pack payload into ISO or 7zip

# Credits
Some code bits from:

- https://github.com/byt3bl33d3r/OffensiveNim
- https://www.ired.team/
- https://github.com/bigb0sss/Bankai (initial inspiration)

# Disclaimer
Only use this for purposes involving systems that you have been given permission to access and alter. I am not responsible if you do illegal stuff.