hello, last time i posted about a x64 cryptor that was also fud and able to bypass pesieve, i had some dms about clients that want to use it for their payloads (ex: cobalt), however, i know for a fact that a live payload requires more attention during run time, and during memory scanning, so i decided to build something special for that purpose:
checkzilla [1/19] (running cobalt strike) : https://checkzilla.io/scan/91862eb0-f429-4e41-9dc3-61ddca816d90
windows defender and pesieve bypass demo:
(please note that the loader has a sleep time, which was disabled for the sake of the checkzilla scan and the video above)
higher resolution video : https://mega.nz/file/yl0iEZ7K#5z-FjdEq6tJ-n3ewn0UW9nIwLrI-qnByidE91TTsNuU
features:
- built with pure c/asm (visual studio 2017 compiler)
- no crt functions
- small size (10 kb + the size of the payload)
- aes encryption, with no static key / iv
- no imported functions (unless the ones on purpose)
- no rwx sections, while execution
- built in functionality allowing it to do custom sleep obfuscation for cobalt strike
- the payload is executed locally (i can inject to other processes as a upgraded version later)
- direct syscalls
- run any x64 payload
- the cobalt strike mode can be used on other payloads as well (dm me for more details on this point if you want)
- rop injection
- selling with the source code
- selling for 3 customers MAX
- i can upgrade it later and add functionalities like : anti-debugging, anti-analyses, persistence, and so on ...
- price : 300$ including a builder, and ill set up the environment in case the customer wanted so
for any other details feel free to dm me.
Note: i know that i have to make a deposite, but im a college student looking to pay my tuition,
and thats why im selling my projects, im financially not able to pay deposit at the moment, but im not asking you to petty me, im just asking for a chance.
contact me via dm or via:
JABBER: nullstack@jabb3r.org
TOX: 7122941BC23CBF2F118CD826A1B36F17532E2F5C8D78CAABB5D6EA5C822E39473D1B67B41AC9
checkzilla [1/19] (running cobalt strike) : https://checkzilla.io/scan/91862eb0-f429-4e41-9dc3-61ddca816d90
windows defender and pesieve bypass demo:
higher resolution video : https://mega.nz/file/yl0iEZ7K#5z-FjdEq6tJ-n3ewn0UW9nIwLrI-qnByidE91TTsNuU
features:
- built with pure c/asm (visual studio 2017 compiler)
- no crt functions
- small size (10 kb + the size of the payload)
- aes encryption, with no static key / iv
- no imported functions (unless the ones on purpose)
- no rwx sections, while execution
- built in functionality allowing it to do custom sleep obfuscation for cobalt strike
- the payload is executed locally (i can inject to other processes as a upgraded version later)
- direct syscalls
- run any x64 payload
- the cobalt strike mode can be used on other payloads as well (dm me for more details on this point if you want)
- rop injection
- selling with the source code
- selling for 3 customers MAX
- i can upgrade it later and add functionalities like : anti-debugging, anti-analyses, persistence, and so on ...
- price : 300$ including a builder, and ill set up the environment in case the customer wanted so
for any other details feel free to dm me.
Note: i know that i have to make a deposite, but im a college student looking to pay my tuition,
and thats why im selling my projects, im financially not able to pay deposit at the moment, but im not asking you to petty me, im just asking for a chance.
contact me via dm or via:
JABBER: nullstack@jabb3r.org
TOX: 7122941BC23CBF2F118CD826A1B36F17532E2F5C8D78CAABB5D6EA5C822E39473D1B67B41AC9