This repository has been archived by the owner on Aug 18, 2023. It is now read-only.

v4.0

@Tylous Tylous released this 23 Mar 22:12
· 21 commits to main since this release
64abb2b

New Features


  • Introduced AMSI bypass mechanisms to prevent AMSI events from being generated.
  • Added a -noamsi command option to not patch AMSI.
  • Added graphic icons to all binary loaders that match the binary.
  • Added Garble for compiling all loaders.
  • Added a -sha256 command to list the sha256 hash of the loaders.
  • Removed all IoCs for certain well-known Anti-Malware products.
  • Rewrote the shellcode and decrypt function into a library rather than a function in the main file.
  • Updated binary loader method of allocating and executing shellcode.
  • Updated system DLL method from base64 to byte array.
  • Removed _CGO_Dummy_Export from all DLL-based loaders.
  • Removed CGO for compiling binary loaders.

Bug Fixes


  • Fixed bug with certain attributes not properly showing for binary loaders.
  • Fixed code bug with HTA files with WScript, Control, and MSIexec loaders.
  • Fixed Index error for WScript loaders.
  • Added error messaging for when -O is not defined with WScript and Excel loaders.
  • Fixed issue with the -unmodified command line breaking.
  • Updated help menu & README.

Update 03/23/2022 13:22 EST


  • Fixed issue with Base64 and -noetw and -noamsi.
  • Fixed Kernelbase typo.