FUD shellcode Injector

Last update: Nov 17, 2022

Overview

EVA

fully undetectable injector

Update on Monday, July 12 : USE EVA2 INSTEAD .

[+] antiscan.me

YOUR MOM IS A -BITCH- IF YOU UPLOADED THIS TO ANY WEBSITE OTHER THAN `antiscan.me`

READ THE UPDATE

REQUIREMENTS:

visual studio 2019 [ it may work with visual studio 2017 ]
cobalt strike [ take a look at my repo cobalt-wipe ]
python2 for the encoder

USAGE:

create your shellcode (x64 x86 wont work) using cobalt-strike [check my cobalt-wipe repo]
place your shellcode inside encoder.py and run it using python2
after encoder.py output your encrypted shellcode copy and paste it inside EVA.cpp
build the code using visual studio 2019 - Release - x64 x86 wont work
enjoy

How Does EVA Work:

first EVA will take a look at the running processes to allocate the pid of chrome.exe and inject the shellcode to it.
if chrome.exe is not open, EVA will inject the code to explorer.exe instead

DEMO:

[+] You can do your self a favour and disable Automatic Sample Submission in windows defender:

1- explorer - injection:

explorer.-.injection.mp4

2- chrome - injection:

chrome.-.injection.mp4

special thanks for:

hasherezade - for helping me in building EVA inside visual studio
and for the person who posted the decoding way in memory, i forgot where i got it from : | if you are seeing this please reply !

please feel free to post any issue or any suggestions

i will be adding more information about how does it work `nah i wont, however if you want to know more about the code email me :>`

MIT LICENSE

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

My Empty Ethereum Wallet : 0x1B4944030818392D76672f583884F4A125A4415e

raincoat is a shellcode injector that uses direct syscall invoking.

raincoat is a shellcode injector that uses direct syscall invoking. by liz @realhaxorleet & ellyysium @ellyysium opening the code may cause brain dama

5 Jan 29, 2022

EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode

HOLLOW - Cobalt Strike BOF Authors: Bobby Cooke (@0xBoku) Justin Hamilton (@JTHam0) Octavio Paguaga (@OakTree__) Matt Kingstone (@n00bRage) Beacon Obj

203 Dec 20, 2022

A USB-PD sniffer/injector/sink based on Google's Twinkie, re-designed to be manufactured by mere mortals.

Twonkie - a USB-PD sniffer based on Google's Twinkie Twonkie is a USB-PD sniffer/injector/sink based on a Google project called Twinkie, re-engineered

97 Jan 2, 2023

A USB-PD sniffer/injector/sink based on Google's Twinkie, re-designed to be manufactured by mere mortals.

Twonkie - a USB-PD sniffer based on Google's Twinkie Twonkie is a USB-PD sniffer/injector/sink based on a Google project called Twinkie, re-engineered

97 Jan 2, 2023

PoC MSVC COFF Object file loader/injector.

COFFInjector A Proof of Concept code - loading and injecting MSVC object file. Blog post with explanation: https://0xpat.github.io/Malware_development

132 Dec 28, 2022

C/C++ Windows Process Injector for Educational Purposes.

ProcessInjector C/C++ Windows Process Injector for Educational Purposes. What does this software do? This is a simple process injector that uses the C

8 May 3, 2022

A loadlibrary injector for the game Splitgate that fully bypasses their EQU8 anti-cheat implementation.

splitgate-load-library-injector A loadlibrary injector for the game Splitgate that fully bypasses their EQU8 anti-cheat implementation. Information Th

8 Oct 3, 2022

GlueGD is a mod loader for Geometry Dash that does not require a modification to any existing Geometry Dash files or an external injector or launcher.

GlueGD is a mod loader for Geometry Dash that does not require a modification to any existing Geometry Dash files or an external injector or la

9 Apr 10, 2022

simple C++ dll injector

Dll-Injector DLL injection is a method of executing arbitrary code in the address space of a separate live process. TECHNICAL DETAILS Open process wit

31 Dec 26, 2022

A LoadLibrary injector for CS:GO that automatically bypasses Trusted Mode by disabling various Win32 function hooks.

TrustedInjector This is a LoadLibrary injector for Counter-Strike: Global Offensive. Information It automatically bypasses trusted mode by removing ho

19 Jan 6, 2023

Edited and relatively up-to-date xenos injector

Xenos Windows dll injector. Based on Blackbone library - https://github.com/DarthTon/Blackbone Changes from the original repository Up-to-date blackbo

5 Apr 18, 2022

An injector is simply a program that injects some sort of file into your game

example-injector What it injector? An injector is simply a program that injects some sort of file into your game. This could be something as benign as

30 Dec 27, 2022

Private internal Cheat-Injector for Valorant

CyberVal-Injector CyberVal is a paste of a internal Valorant Cheat which has been used by several providers like LeagueHell, Enduty and several other

38 Jan 5, 2023

A generic post-processing injector for games and video software.

ReShade This is a generic post-processing injector for games and video software. It exposes an automated way to access both frame color and depth info

2.9k Dec 28, 2022

FiveM Cheat with KEKHACK. Injected with simple injector in c++.

FiveM Cheat with TriggersEvent [KEKHACK] This is the ultimate great source code for building the best cheat FiveM. I'm not going to tell you how to cr

9 Dec 26, 2022

Best EAC/VAC Injector

DevRcs Dll Injector Implemented Injection Methods We break the injection procedure into serveral "parts", and each part has a few selection of methods

3 May 11, 2022

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger. Also you can convert the "binary-copied-clipboard" to c-shellcode string.

30 Oct 7, 2022

Remote Download and Memory Execute for shellcode framework

RmExecute Remote Download and Memory Execute for shellcode framework 远程下载并内存加载的ShellCode框架，暂不支持X64 参（抄）考（袭）项目 windows下shellcode提取模板的实现主要抄袭来源，直接使用这位大佬

52 Dec 25, 2022

POCs for Shellcode Injection via Callbacks

Callback_Shellcode_Injection POCs for Shellcode Injection via Callbacks. Working APIs 1, EnumTimeFormatsA Works 2, EnumWindows Works 3, EnumD

322 Jan 5, 2023

Releases(1)

1(Jun 25, 2021)
uses xor encryption / decryption for the shellcode

inject chrome.exe process [if found] with the decrypted shellcode

inject explorer.exe process [in case chrome.exe isn't found]

uses VirtualAllocEx - WriteProcessMemory - CreateRemoteThread --> to inject the shellcode

uses CreateToolhelp32Snapshot --> to find the processes

work on x64

Source code(tar.gz)
Source code(zip)

FUD shellcode Injector

Related tags

Overview

EVA

fully undetectable injector

Update on Monday, July 12 : USE EVA2 INSTEAD .

[+] antiscan.me

YOUR MOM IS A -BITCH- IF YOU UPLOADED THIS TO ANY WEBSITE OTHER THAN antiscan.me

READ THE UPDATE

REQUIREMENTS:

USAGE:

How Does EVA Work:

DEMO:

[+] You can do your self a favour and disable Automatic Sample Submission in windows defender:

1- explorer - injection:

2- chrome - injection:

special thanks for:

please feel free to post any issue or any suggestions

i will be adding more information about how does it work nah i wont, however if you want to know more about the code email me :>

MIT LICENSE

My Empty Ethereum Wallet : 0x1B4944030818392D76672f583884F4A125A4415e

You might also like...

raincoat is a shellcode injector that uses direct syscall invoking.

EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode

A USB-PD sniffer/injector/sink based on Google's Twinkie, re-designed to be manufactured by mere mortals.

A USB-PD sniffer/injector/sink based on Google's Twinkie, re-designed to be manufactured by mere mortals.

PoC MSVC COFF Object file loader/injector.

C/C++ Windows Process Injector for Educational Purposes.

A loadlibrary injector for the game Splitgate that fully bypasses their EQU8 anti-cheat implementation.

GlueGD is a mod loader for Geometry Dash that does not require a modification to any existing Geometry Dash files or an external injector or launcher.

simple C++ dll injector

A LoadLibrary injector for CS:GO that automatically bypasses Trusted Mode by disabling various Win32 function hooks.

Edited and relatively up-to-date xenos injector

An injector is simply a program that injects some sort of file into your game

Private internal Cheat-Injector for Valorant

A generic post-processing injector for games and video software.

FiveM Cheat with KEKHACK. Injected with simple injector in c++.

Best EAC/VAC Injector

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger

Remote Download and Memory Execute for shellcode framework

POCs for Shellcode Injection via Callbacks

Releases(1)

1(Jun 25, 2021)

Owner

shellcode injector

White-Stuff - a simple xor encoder/decoder for your shellcode

sc4cpp is a shellcode framework based on C++

This is a brand-new technique for shellcode injection to evade AVs and EDRs

Custom shellcode runner builder w/ CobaltStrike integration

A method from GH on how to stream a dll without touching disk, TAGS: fortnite cheat fortnite injector dll injector

Advanced C++ Discord Token Grabber ( FUD )

Manual map shellcode (aka byte array) injector

Encrypted shellcode injector with basic virtual machine evasion using C++

shellcode injector

YOUR MOM IS A -BITCH- IF YOU UPLOADED THIS TO ANY WEBSITE OTHER THAN `antiscan.me`

i will be adding more information about how does it work `nah i wont, however if you want to know more about the code email me :>`