Skip to content

xchgll/BeBeeLoader

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 

Repository files navigation

BeBee Loader

Screenshot

BeBee loader is shellcode loader & educational project to defeat windows defender using multiple techniques

Features && How it works ?

  • Encrypts your shellcode and stores it in PE Resouces as an bitmap image
  • Extracts shellcode from resources and decrypt it in runtime
  • Uses indirect syscalls for memory operations and execution
  • Early Bird APC Injection
  • Bypassed Windows Defender <= 11 till nows date (July 2026)

Fake BMP Format

SIZE (bytes):   DATA:
    14            Fake BMP Header
    4             Xor Decrytion Key
    40            NOP Sled
    ...           Encrypted Shellcode

Usage

  1. generate shellcode using havoc,metasploit.. whatever
  2. clone the repo && go to src folder
git clone https://github.com/xchgll/BeBeeLoader.git && cd src
  1. run create_shellcode.py this creates the encrypted resource and .rc file
python create_shellcode.py demon.x64.bin <Xor_Key_Hex>
  1. run build.bat this will generate the final implant main.exe

Credits & Special Thanks

Reenz0h for Halos Gate Technique

Follow Me X

Releases

No releases published

Packages

 
 
 

Contributors

Languages