User Controls
Python Based, Multi-pass encoder & Heuristic Sandbox AV evasion tool.
-
2015-08-14 at 3:23 PM UTCDo you even malware? This is awesome.
http://seclist.us/pecloak-py-beta-a-multi-pass-encoder-heuristic-sandbox-bypass-av-evasion-tool.html -
2015-08-15 at 3:11 AM UTCCool stuff mang, I was looking over the source code. One of the things it talks about is "carving out a code cave", when in the source means walking over the binary and looking for long runs of null bytes. Is 0x00 x86's NOP instruction or is something else going on there? I have a decent understanding of processor design/assembly but I've never worked with x86 specifically.
-
2015-08-15 at 3:40 AM UTC
Cool stuff mang, I was looking over the source code. One of the things it talks about is "carving out a code cave", when in the source means walking over the binary and looking for long runs of null bytes. Is 0x00 x86's NOP instruction or is something else going on there? I have a decent understanding of processor design/assembly but I've never worked with x86 specifically.
0x00 is Intel 8051/MCS-51 NOP instruction. While 0x90 is the NOP instruction for x86 architecture according to what i've read. Unfortunately beyond that i wouldn't know. But yeah, going over the website in general they seem to have a lot of cool stuff going on besides this tool as well.
