Pyramid
ulexecve
Pyramid | ulexecve | |
---|---|---|
3 | 2 | |
615 | 168 | |
- | 0.6% | |
5.4 | 5.2 | |
about 1 month ago | 4 months ago | |
Python | Python | |
Apache License 2.0 | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Pyramid
ulexecve
-
Can I exec an new process without an executable file? (2015)
Definitely tricky. I solved it with a Python implementation by building up a big jumpbuffer so that the moment I leave Python-land I copy from temporary buffers to the right addresses and then ultimately jump at the entry point of the newly loaded binary. It's tricky and took quite some debugging to get right, but it's proven rather solid now.
See https://github.com/anvilsecure/ulexecve/blob/main/ulexecve.p... for details. Especially the `CodeGenerator` classes with implementations in x86, x86-64 and aarch64.
What are some alternatives?
traffic-generator - A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port. [Moved to: https://github.com/mytechnotalent/turbo-attack]
systemd-user-sleep - Activate a user sleep target when the system sleeps
wifiphisher - The Rogue Access Point Framework
PythonMemoryModule - pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory
Powershell-RAT - Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Metadata-Remover - A simple Metadata Removal Tool for images and videos using exiftool and ffmpeg in C and Python3.
ModuleShifting - Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes
byob - An open-source post-exploitation framework for students, researchers and developers.
Villain - Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
Lockdoor-Framework - 🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources