Skip to content

Penetration Testing Tools

Search for:

Home
Data Forensics
Ethical Hacking
Mobile Hacking
Network Attacks
Vulnerability Assessment
Web AppSec
OSINT
Code Assessment
Malware Offense
IoT
Cryptography
Arsenal Lab
Hardware/Embedded
Malware Defense
Network Defense
Reverse Engineering
Smart Grid/Industrial Security

Home
Data Forensics
Ethical Hacking
Mobile Hacking
Network Attacks
Vulnerability Assessment
Web AppSec
OSINT
Code Assessment
Malware Offense
IoT
Cryptography
Arsenal Lab
Hardware/Embedded
Malware Defense
Network Defense
Reverse Engineering
Smart Grid/Industrial Security

Search for:

Penetration Testing Tools

Ethical Hacking

SuperMega: Stealthily inject shellcode into an executable

by ddos · December 1, 2024

SuperMega – Cordyceps Implementation

SuperMega is a shellcode loader by injecting it into genuine executables (.exe or .dll). The loader is programmed in C.

The idea is that injecting shellcode nicely into a non-malicious executable should make it less detected.

Features:

Encrypt payload
Execution guardrails, so payload is only decrypted on target
Anti emulation, against AV emulators

EDR deconditioner, against EDR memory scan
Keep all original properties of the executable (imports etc.)
Very small carrier loader

Code execution with main function hijacking
No PEB walk, reuses IAT to execute windows api functions
Inject data into .rdata for the carrier shellcode

Patch IAT for missing functions for the carrier

Directories

data/binary/shellcodes: Input: Shellcodes we want to use as input (payload)
data/binary/exes/: Input: Nonmalicious EXE files we inject into

data/source/carrier: Input: Carrier C templates
projects/<projectname>: output: Project directory with all files
projects/default: output: Project directory with all files

Download & Use

Share

Tags: inject shellcode

Follow:

Previous story Maester: Monitor your Microsoft 365 tenant’s security configuration

Search

MAKE THE WEBSITE ONLINE

Popular Posts
Tags

Ethical Hacking

SuperMega: Stealthily inject shellcode into an executable

December 1, 2024
Cryptography

themis: open-source high-level cryptographic services library

November 1, 2024
OSINT - Open Source Intelligence / Web AppSec

crawl4ai: Open-source LLM Friendly Web Crawler & Scrapper

November 1, 2024
Network Defense

Network Flight Recorder: score network traffic and flag anomalies

November 2, 2024
OSINT - Open Source Intelligence

CloudShovel: scanning public or private AMIs for sensitive files and secrets

November 2, 2024

Amazon AMD Android Apple ARM Artificial intelligence ASRock Asus ChatGPT chrome facebook Firefox Gigabyte Github google Google Chrome hacker Huawei Intel Lenovo LG Linux Linux Kernel MediaTek Meta Microsoft microsoft edge MSI Nvidia OpenAI PlayStation 5 Qualcomm ransomware Samsung SK Hynix Sony Steam Deck TSMC vulnerability windows Windows 7 Windows 10 Windows 10X Windows 11 Xbox

Reward

Brilliantly

SAFE!

meterpreter.org

Content & Links

Verified by Sur.ly

2022

Home
About Us
Contact Us
DMCA NOTICE
Privacy Policy

Penetration Testing Tools © 2024. All Rights Reserved.

x