PySC - Download shellcode from a remote DNS server (using TXT records) or through Internet Explorer (using SSPI to utilize system-wide proxy settings and authorization tokens) and injects it into a specified process
Python
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
config
modules
optional
LICENSE
README.md
pysc.py

README.md

PySC

PySC expands on the numerous available tools and scripts to inject into a process on a
running system.

Aims of this project:

- Remove shellcode from the script to help avoid detection by AV and HIPS systems
- Offer a flexible command line based script
- Also provide the ability to run fully automated, as an EXE (by using pyinstaller)

To this end this prototype script offers the ability to download shellcode from a
remote DNS server (using TXT records) or through Internet Explorer (using SSPI to
utilize system-wide proxy settings and authorization tokens) and injects it into a
specified process. If injection into the specified process is not possible, the script
falls back to injecting into the current process.

Module dependancies: none

Optional:

--> Includes server-side code for Metasploit and Python SCAPY for delivery of shellcode YMMV