Shhhloader is a SysWhispers Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and compiles a C++ stub that has been integrated with SysWhispers in order to bypass AV/EDR. The included python builder will work on any Linux system that has Mingw-w64 installed.
The tool has been confirmed to successfully load Meterpreter and a Cobalt Strike beacon on fully updated systems with Windows Defender enabled. The project itself is still in a PoC/WIP state, as it currently doesn’t work with all payloads.
2/9/22 EDIT: Shhhloader now includes 5 different ways to execute your shellcode! See below for updated usage. Big thanks to @Snovvcrash and their DInjector project for inspiration! I highly recommend taking a look at it for more information regarding the shellcode injection techniques and code that this tool is now based on.
┳┻|
┻┳|
┳┻|
┻┳|
┳┻| _
┻┳| •.•) – Shhhhh, AV might hear us!
┳┻|⊂ノ
┻┳|
usage: Shhhloader.py [-h] [-p explorer.exe] [-m QueueUserAPC] [-nr] [-v] [-d] [-o a.exe] file
ICYGUIDER’S CUSTOM SYSWHISPERS SHELLCODE LOADER
positional arguments:
file File containing raw shellcode
optional arguments:
-h, –help show this help message and exit
-p explorer.exe, –process explorer.exe
Process to inject into (Default: explorer.exe)
-m QueueUserAPC, –method QueueUserAPC
Method for shellcode execution (Options: ProcessHollow, QueueUserAPC,
RemoteThreadContext, RemoteThreadSuspended, CurrentThread) (Default: QueueUserAPC)
-nr, –no-randomize Disable syscall name randomization
-v, –verbose Enable debugging messages upon execution
-d, –dll-sandbox Use DLL based sandbox checks instead of the standard ones
-o a.exe, –outfile a.exe
Name of compiled file
Tested and Confirmed Working on:
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…
Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…
Linux offers powerful command-line tools for system administrators to view and manage user accounts. Knowing…