User Controls

Python Based, Multi-pass encoder & Heuristic Sandbox AV evasion tool.

  1. #1
    Sophie Pedophile Tech Support
    Do you even malware? This is awesome.

    http://seclist.us/pecloak-py-beta-a-multi-pass-encoder-heuristic-sandbox-bypass-av-evasion-tool.html
  2. #2
    Lanny Bird of Courage
    Cool stuff mang, I was looking over the source code. One of the things it talks about is "carving out a code cave", when in the source means walking over the binary and looking for long runs of null bytes. Is 0x00 x86's NOP instruction or is something else going on there? I have a decent understanding of processor design/assembly but I've never worked with x86 specifically.
  3. #3
    Sophie Pedophile Tech Support
    Cool stuff mang, I was looking over the source code. One of the things it talks about is "carving out a code cave", when in the source means walking over the binary and looking for long runs of null bytes. Is 0x00 x86's NOP instruction or is something else going on there? I have a decent understanding of processor design/assembly but I've never worked with x86 specifically.

    0x00 is Intel 8051/MCS-51 NOP instruction. While 0x90 is the NOP instruction for x86 architecture according to what i've read. Unfortunately beyond that i wouldn't know. But yeah, going over the website in general they seem to have a lot of cool stuff going on besides this tool as well.
  4. #4
    Fluttershy Short Bussy
    This is one of the oldest exchanges on the website. Quite possibly the first. And it has remained here unmolested for nearly a decade.

    Until now…..

    I’ve molested your old thread. Nothing is sacred to me.
    The following users say it would be alright if the author of this post didn't die in a fire!
  5. #5
    mashlehash victim of incest [my perspicuously dependant flavourlessness]
    Is there any reason why it is for evasion?
  6. #6
    Fluttershy Short Bussy
    Originally posted by mashlehash Is there any reason why it is for evasion?

    not to my knowledge
  7. #7
    Speedy Parker Black Hole
    Originally posted by Fluttershy This is one of the oldest exchanges on the website. Quite possibly the first. And it has remained here unmolested for nearly a decade.

    Until now…..

    I’ve molested your old thread. Nothing is sacred to me.

    Hood job, see what you can do with this one.

    https://niggasin.space/thread/1
  8. #8
    Fluttershy Short Bussy
    Originally posted by Speedy Parker Hood job, see what you can do with this one.

    https://niggasin.space/thread/1

    that thread had already been necrobumped.
Jump to Top