HERCULES - HERCULES is a special payload generator that can bypass antivirus softwares.

  •        138

HERCULES is a customizable payload generator that can bypass antivirus software. WARNING: Don't change the location of the HERCULES folder.

https://github.com/EgeBalci/HERCULES

Tags
Implementation
License
Platform

   




Related Projects

SpookFlare - Loader, dropper generator with multiple features for bypassing client-side and network-side countermeasures

  •    Python

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has obfuscation, encoding, run-time code compilation and character substitution features. So you can bypass the countermeasures of the target systems like a boss until they "learn" the technique and behavior of SpookFlare payloads. Special thanks to the following projects and contributors.

kwetza - Python script to inject existing Android applications with a Meterpreter payload.

  •    Smali

Kwetza is a tool that allows you to infect an existing Android application with a Meterpreter payload. Kwetza infects an existing Android application with either custom or default payload templates to avoid detection by antivirus. Kwetza allows you to infect Android applications using the target application's default permissions or inject additional permissions to gain additional functionality.

php-malware-finder - Detect potentially malicious PHP files

  •    PHP

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. Of course it's trivial to bypass PMF, but its goal is to catch kiddies and idiots, not people with a working brain. If you report a stupid tailored bypass for PMF, you likely belong to one (or both) category, and should re-read the previous statement.


h4cker - This repository is primarily maintained by Omar Santos and includes resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more

  •    Java

This repository includes thousands of cybersecurity-related references and resources and it is maintained by Omar Santos. This GitHub repository has been created to provide supplemental material to several books, video courses, and live training created by Omar Santos and other co-authors. It provides over 6,000 references, scripts, tools, code, and other resources that help offensive and defensive security professionals learn and develop new skills. This GitHub repository provides guidance on how build your own hacking environment, learn about offensive security (ethical hacking) techniques, vulnerability research, exploit development, reverse engineering, malware analysis, threat intelligence, threat hunting, digital forensics and incident response (DFIR), includes examples of real-life penetration testing reports, and more. These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), CompTIA PenTest+ and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.

EggShell - iOS/macOS/Linux Remote Administration Tool

  •    Objective-C

EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.

The Diary of Hercules

  •    Python

The Diary of Hercules is a personal workout diary program for bodybuilders and fitness enthusiasts. It can be helpful in creating training plans and storing data about gym progress. This program created with Python/wxPython and SQLObject/SQLite.

mpc - MSFvenom Payload Creator (MSFPC)

  •    Shell

A quick way to generate various "basic" Meterpreter payloads via msfvenom (part of the Metasploit framework). MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload.

malware-jail - Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction

  •    Javascript

malware-jail is written for Node's 'vm' sandbox. Currently implements WScript (Windows Scripting Host) context env/wscript.js, at least the part frequently used by malware. Internet browser context is partialy implemented env/browser.js. Runs on any operating system. Developed and tested on Linux, Node.js v6.6.0.

Amber - Reflective PE packer.

  •    Assembly

amber is a reflective PE packer for bypassing security products and mitigations. It can pack regularly compiled PE files into reflective payloads that can load and execute itself like a shellcode. It enables stealthy in-memory payload deployment that can be used to bypass anti-virus, firewall, IDS, IPS products and application white-listing mitigations. If you want to learn more about the packing methodology used inside amber check out below. For more detail about usage, installation and how to decrease detection rate check out WIKI. Developed By Ege Balcı from INVICTUS/PRODAFT.

EGESPLOIT - EGESPLOIT is a golang library for malware development

  •    Go

EGESPLOIT is a golang library for malware development, it has few unique functions for meterpreter integration.

CAPEv2 - Malware Configuration And Payload Extraction

  •    Python

CAPE is a malware sandbox. It was derived from Cuckoo with the goal of adding automated malware unpacking and config extraction - hence its name is an acronym: 'Config And Payload Extraction'. Automated unpacking allows classification based on Yara signatures to complement network (Suricata) and behavior (API) signatures. Although config and payload extraction was the original stated goal, it was the development of the debugger in CAPE which first inspired the project: in order to extract configs or unpacked payloads from arbitrary malware families without relying on process dumps (which sooner or later the bad guys will thwart), instruction-level monitoring and control is necessary. The novel debugger in CAPE follows the principle of maximising use of processor hardware and minimising (almost completely) use of Windows debugging interfaces, allowing malware to be stealthily instrumented and manipulated from the entry point with hardware breakpoints programmatically set during detonation by Yara signatures or API calls. This allows instruction traces to be captured, or actions to be performed such as control flow manipulation or dumping of a memory region.

gym-malware

  •    Python

This is a malware manipulation environment for OpenAI's gym. OpenAI Gym is a toolkit for developing and comparing reinforcement learning algorithms. This makes it possible to write agents that learn to manipulate PE files (e.g., malware) to achieve some objective (e.g., bypass AV) based on a reward provided by taking specific manipulation actions. Create an AI that learns through reinforcement learning which functionality-preserving transformations to make on a malware sample to break through / bypass machine learning static-analysis malware detection.

CHAOS - :fire: CHAOS allow generate payloads and control remote Windows systems.

  •    Go

CHAOS allow generate payloads and control remote Windows systems. 📚 This project was created only for learning purpose.

Manalyze - A static analyzer for PE executables.

  •    C++

My work on Manalyze started when my antivirus tried to quarantine my malware sample collection for the thirtieth time. It is also born from my increasing frustration with AV products which make decisions without ever explaining why they deem a file malicious. Obviously, most people are better off having an antivirus decide what's best for them. But it seemed to me that expert users (i.e. malware analysts) could use a tool which would analyze a PE executable, provide as many data as possible, and leave the final call to them. If you want to see some sample reports generated by the tool, feel free to try out the web service I created for it: manalyzer.org.

chashell - Chashell is a Go reverse shell that communicates over DNS

  •    Go

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks. It comes with a multi-client control server, named chaserv.

multiscanner - Modular file scanning/analysis framework

  •    Javascript

MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom built Python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework. Modules are designed to be quickly written and easily incorporated into the framework. Currently written and maintained modules are related to malware analytics, but the framework is not limited to that scope. For a list of modules you can look in modules/. Descriptions and config options can be found on the Analysis Modules page.

GTFOBins

  •    HTML

GTFOBins is a curated list of Unix binaries that can be exploited by an attacker to bypass local security restrictions. Browse the project here.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.