This commit was created on GitHub.com and signed with GitHub’s verified signature.
The key has expired.
New Features
Added direct and indirect syscall methods.
Added support for different HTTP beacon libraries.
Created a dynamic set of Magic_MZ header values to help avoid any detection rules looking for MZ in the PE header.
Created a dynamic function to generate unique Magic_PE header values.
Added Thread spoofing.
Created a unique thread-spoofing list of 9 of the most common Windows base thread modules along with a random number generator to ensure each base address spoofed is unique.
Updated the Pipe list to ones that are no longer linked to any IOCs.
Updated the PE_Clone options and values to reflect the latest versions in the most recent version of Windows.
Stripped out IOCs related to BOFs and in-memory execution.