Sharperner : Simple Executable Generator With Encrypted Shellcode

Sharperner is a tool written in CSharp that generate .NET dropper with AES and XOR obfuscated shellcode. Generated executable can possibly bypass signature check but I cant be sure it can bypass heuristic scanning.

Features

PE binary

Process Hollowing
PPID Spoofing
Random generated AES key and iv
Final Shellcode, Key and IV are translated to morse code

.NET binary

AES + XOR encrypted shellcode
APC Process Injection (explorer.exe)
Random function names
Random generated AES key and iv
Final Shellcode, Key and IV are translated to morse code

Usage

/file B64,hex,raw shellcode
/type cs,cpp
/out Output file Location (Optional)
Example:
Sharperner.exe /file:file.txt /type:cpp
Sharperner.exe /file:file.txt /out:payload.exe

R K

Next GitDump : A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled »

Previous « TiEtwAgent : PoC Memory Injection Detection Agent Based On ETW, For Offensive And Defensive Research Purposes

Share

Published by

R K

Tags: Encrypted ShellcodeExecutable GeneratorSharperner

3 years ago

Recent Posts

Hacking Tools

Shadow-rs : Harnessing Rust’s Power For Kernel-Level Security Research

shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…

1 week ago

Cyber security

ExecutePeFromPngViaLNK – Advanced Execution Of Embedded PE Files via PNG And LNK

Extract and execute a PE embedded within a PNG file using an LNK file. The…

2 weeks ago

Cyber security

Red Team Certification – A Comprehensive Guide To Advancing In Cybersecurity Operations

Embark on the journey of becoming a certified Red Team professional with our definitive guide.…

3 weeks ago

Hacking Tools

CVE-2024-5836 / CVE-2024-6778 : Chromium Sandbox Escape via Extension Exploits

This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…

3 weeks ago

Exploitation Tools

Rust BOFs – Unlocking New Potentials In Cobalt Strike

This took me like 4 days (+2 days for an update), but I got it…

3 weeks ago

Cyber security

MaLDAPtive – Pioneering LDAP SearchFilter Parsing And Security Framework

MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…

3 weeks ago

L