Tag Archives: Executables

Mangle : Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and can clone code-signing certs from legitimate files. In doing so, Mangle helps loaders evade on-disk …

Continue reading “Mangle : Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs”

PS2EXE : Module To Compile Powershell Scripts To Executables

PS2EXE is a Module To Compile Powershell Scripts To Executables. Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here (https://github.com/MScholtes/TechNet-Gallery) and …

Continue reading “PS2EXE : Module To Compile Powershell Scripts To Executables”

Drow : Injects Code Into ELF Executables Post-Build

Drow is a command-line utility that is used to inject code and hook the entrypoint of ELF executables (post-build). It takes unmodified ELF executables as input and exports a modified ELF containing an embedded user-supplied payload that executes at runtime. Drow takes the following steps to create the new patched ELF: Map in the umodified …

Continue reading “Drow : Injects Code Into ELF Executables Post-Build”