https://github.com/xl00t/yetanothernimcrypt

Shellcode loader/injector generator
https://github.com/xl00t/yetanothernimcrypt

c2 maldev redteam shellcode

Last synced: 8 months ago
JSON representation

Shellcode loader/injector generator

• Host: GitHub
• URL: https://github.com/xl00t/yetanothernimcrypt
• Owner: xl00t
• License: mit
• Created: 2023-11-23T14:29:24.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2023-12-15T20:07:22.000Z (over 2 years ago)
• Last Synced: 2025-04-09T02:22:56.861Z (12 months ago)
• Topics: c2, maldev, redteam, shellcode
• Language: Python
• Homepage:
• Size: 41 KB
• Stars: 5
• Watchers: 1
• Forks: 1
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
![banner](assets/imgs/banner.png)

This project aims to help me develop my skills in malware development and AV/EDR evasion.

## Description

yetAnotherNimCrypt is a tool that automates the process of generating shellcode loaders/injectors using Nim templates.

This project aims to provide a simple and customizable way to generate shellcode loaders/injectors in Python. By utilizing Nim templates, users can easily define their own loaders and customize them to suit their specific needs.

## Features

- [x] Use custom shellcode as input

- [x] Choose output file path

- [x] Multiple encryption techniques

- [ ] Multiple execution techniques

- [x] Sleep time customizable

- [ ] Optionnal remote process

- [ ] Optionnal HTTP stager (encrypt the shellcode and compile the choosen template by adding a fetcher template able to download an execute the shellcode. Might use updog to serve the shellcode)

## Usage example

```bash

xl00t@linux:/home/xl00t/Desktop/Redteam $ msfvenom -p windows/x64/messagebox TEXT="Payload successfully injected" TITLE="Shellcode Test" --platform windows -a x64 -f raw -o msf.raw

No encoder specified, outputting raw payload

Payload size: 339 bytes

Saved as: msf.raw

xl00t@linux:/home/xl00t/Desktop/Redteam $ tools/yetAnotherNimCrypt/yetAnotherNimCrypt.py msf.raw --output lol.exe  

[+] Formated shellcode

[+] Shellcode template updated using technique: EnumCalendarInfo

[+] Shellcode loader compiled

xl00t@linux:/home/xl00t/Desktop/Redteam $ ll lol.exe 

-rwxr-xr-x 1 xl00t xl00t 61K Nov 23 16:41 lol.exe

xl00t@linux:/home/xl00t/Desktop/Redteam $ file lol.exe                                               

lol.exe: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows, 11 sections

xl00t@linux:/home/xl00t/Desktop/Redteam $

```

![Shellcode executionexample](assets/imgs/shellcode_execution_example.png)

## Credits

This project was inspired by the work of [Matro7sh - myph](https://github.com/matro7sh/myph).

## Contributing

Contributions are welcome! If you find a bug or have a suggestion for improvement, please open an issue or submit a pull request.

## License

This project is licensed under the MIT License. See the [LICENSE](https://github.com/xl00t/yetAnotherNimCrypt/blob/main/LICENSE) file for more details.