{"id":22875,"date":"2022-03-14T15:07:49","date_gmt":"2022-03-14T15:07:49","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=22875"},"modified":"2022-03-14T15:07:52","modified_gmt":"2022-03-14T15:07:52","slug":"bluffy","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/bluffy\/","title":{"rendered":"Bluffy : Convert Shellcode Into Different Formats"},"content":{"rendered":"\n<p><strong>Bluffy<\/strong> is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic looking data formats.<\/p>\n\n\n\n<p>Proof-of-concept tools, such as&nbsp;0xBoku&#8217;s&nbsp;Ninja_UUID_Runner&nbsp;and&nbsp;ChoiSG&#8217;s&nbsp;UuidShellcodeExec, inspired the initial concept for Bluffy.<\/p>\n\n\n\n<p>So far, we implemented:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>UUID<\/li><li>CLSID<\/li><li>SVG<\/li><li>CSS<\/li><li>CSV<\/li><\/ol>\n\n\n\n<h2 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ad-995\/bluffy#help\"><\/a>Help<\/h2>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>$ python3 bluffy.py 
-h<br>\u28c7\u28ff\u2818\u28ff\u28ff\u28ff\u287f\u287f\u28df\u28df\u289f\u289f\u289d\u2835\u285d\u28ff\u287f\u2882\u28fc\u28ff\u28f7\u28cc\u2829\u286b\u287b\u28dd\u2839\u28bf\u28ff\u28f7<br>\u2846\u28ff\u28c6\u2831\u28dd\u2875\u28dd\u2885\u2819\u28ff\u2895\u2895\u2895\u2895\u289d\u28e5\u2892\u2805\u28ff\u28ff\u28ff\u287f\u28f3\u28cc\u282a\u286a\u28e1\u2891\u289d\u28c7<br>\u2846\u28ff\u28ff\u28e6\u2839\u28f3\u28f3\u28d5\u2885\u2808\u2897\u2895\u2895\u2895\u2895\u2895\u2888\u2886\u281f\u280b\u2809\u2801\u2809\u2809\u2801\u2808\u283c\u2890\u2895\u28bd<br>\u2857\u28b0\u28f6\u28f6\u28e6\u28dd\u289d\u2895\u2895\u2805\u2846\u2895\u2895\u2895\u2895\u2895\u28f4\u280f\u28e0\u2876\u281b\u2849\u2849\u285b\u28b6\u28e6\u2840\u2810\u28d5\u2895<br>\u285d\u2844\u28bb\u289f\u28ff\u28ff\u28f7\u28d5\u28d5\u28c5\u28ff\u28d4\u28d5\u28f5\u28f5\u28ff\u28ff\u28a0\u28ff\u28a0\u28ee\u2848\u28cc\u2828\u2805\u2839\u28f7\u2840\u28b1\u2895<br>\u285d\u2875\u281f\u2808\u2880\u28c0\u28c0\u2840\u2809\u28bf\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28fc\u28ff\u2888\u284b\u2834\u28bf\u285f\u28e1\u2847\u28ff\u2847\u2840\u2895<br>\u285d\u2801\u28e0\u28fe\u281f\u2849\u2849\u2849\u283b\u28e6\u28fb\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28e7\u2838\u28ff\u28e6\u28e5\u28ff\u2847\u287f\u28f0\u2897\u2884<br>\u2801\u28b0\u28ff\u284f\u28f4\u28cc\u2808\u28cc\u2821\u2808\u28bb\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ec\u28c9\u28c9\u28c1\u28c4\u2896\u2895\u2895\u2895<br>\u2840\u28bb\u28ff\u2847\u2899\u2801\u2834\u28bf\u285f\u28e1\u2846\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28f7\u28f5\u28f5\u28ff<br>\u287b\u28c4\u28fb\u28ff\u28cc\u2818\u28bf\u28f7\u28e5\u28ff\u2807\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u281b\u283b\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff<br>\u28f7\u2884\u283b\u28ff\u28df\u283f\u2826\u280d\u2809\u28e1\u28fe\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28b8\u28ff\u28e6\u2819\u28ff\u28ff\u28ff\u28ff\u28
ff\u28ff\u28ff\u28ff\u281f<br>\u2855\u2851\u28d1\u28c8\u28fb\u2897\u289f\u289e\u289d\u28fb\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2838\u28ff\u283f\u2803\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u287f\u2801\u28e0<br>\u285d\u2875\u2848\u289f\u2895\u2895\u2895\u2895\u28f5\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28f6\u28f6\u28ff\u28ff\u28ff\u28ff\u28ff\u283f\u280b\u28c0\u28c8\u2819<br>\u285d\u2875\u2855\u2840\u2811\u2833\u283f\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u283f\u281b\u2889\u2860\u2872\u286b\u286a\u286a\u2863<br>Convert shellcode into \u2728 different \u2728 formats!<br>Written by:<br>~ Mez0<br>~ Michael Ranaldo<br>usage: Bluffy [-h] -b -o -m<br>optional arguments:<br>-h, --help show this help message and exit<br>-b , --bin Specify bin file to load<br>-m , --mask Specify the mask for the shellcode<br>-x , --xor XOR the payload<br>-p , --preview Preview the created format<br>-pp, --payload_preview Preview the payload prior to C formatting<br>--list List all the available masks<\/strong><\/p>\n\n\n\n<p>Written by:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Michael Ranaldo<\/li><li>Mez0<\/li><\/ul>\n\n\n\n<h2 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ad-995\/bluffy#requirements-and-installation\"><\/a>Requirements And Installation<\/h2>\n\n\n\n<p>The following items must be installed prior to using Bluffy:<\/p>\n\n\n\n<h3 class=\"has-light-green-cyan-background-color has-background wp-block-heading\"><a href=\"https:\/\/github.com\/ad-995\/bluffy#python39-or-greater\"><\/a>python3.9 or greater<\/h3>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>sudo apt install python3.9<\/strong><\/p>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>rich<\/strong><\/p>\n\n\n\n<p 
class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>sudo pip3 install rich<\/strong><\/p>\n\n\n\n<h3 class=\"has-light-green-cyan-background-color has-background wp-block-heading\">pcre2.8<\/h3>\n\n\n\n<p>Depending on whether it&#8217;s going to be run on Kali, Ubuntu 18, 19, 20, and so on, the process of getting and building with&nbsp;<code><strong>pcre2.8<\/strong><\/code>&nbsp;may be different.<\/p>\n\n\n\n<p>For us on Ubuntu, it was developed on<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>$ lsb_release -a<br>No LSB modules are available.<br>Distributor ID: Ubuntu<br>Description: Ubuntu 21.04<br>Release: 21.04<br>Codename: hirsute<\/strong><\/p>\n\n\n\n<p>In order to link&nbsp;<code><strong>libpcre2-8.a<\/strong><\/code>, the&nbsp;<code><strong>.a<\/strong><\/code>&nbsp;file had to be included within:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>\/usr\/lib\/gcc\/x86_64-w64-mingw32\/10-win32<\/strong><\/p>\n\n\n\n<p>As for obtaining the header and lib files,&nbsp;MSYS2&nbsp;was used. But if you&#8217;re smarter than us, then just do it from source for Mingw64:&nbsp;https:\/\/pcre.org\/.<\/p>\n\n\n\n<p>The simplest way to thus acquire and install is to run the following commands (after double checking your architecture etc.):<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>sudo apt install mingw-w64<br>sudo wget https:\/\/packages.msys2.org\/package\/mingw-w64-x86_64-pcre2?repo=mingw64 -P \/usr\/lib\/gcc\/x86_64-w64-mingw32\/10-win32<\/strong><\/p>\n\n\n\n<h2 class=\"has-text-align-center has-vivid-green-cyan-background-color has-background wp-block-heading\">Using Bluffy<\/h2>\n\n\n\n<p>To build a payload, get your binary file. For this example, we used calc.bin, which just loads calc.exe as a proof of concept. 
As Bluffy only seeks to evade&nbsp;<em>static<\/em>&nbsp;analysis using steganography, by hiding the binary within an otherwise innocuous file, you will need to do further research to ensure that your payload also evades&nbsp;<em>dynamic<\/em>&nbsp;detection.<\/p>\n\n\n\n<p>Run&nbsp;<code><strong>bluffy<\/strong><\/code>, choosing a mask of your choice and providing your .bin file:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>python .\/bluffy.py -b calc.bin -m css -x<\/strong><\/p>\n\n\n\n<p>Check your payload, then build it. To build your payload, copy the .h file bluffy creates, rename it css.c, run make to build it to an executable, then test using the included examples directory:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>mv css.h examples\/css\/css.h<br>cd examples\/css<br>make<\/strong><\/p>\n\n\n\n<p>This will use the included &#8220;main.c&#8221; to build a Windows executable. Test this to confirm. If you have also used calc.bin, you should be greeted by a new Calc window opening. If so, congratulations!<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-16018d1d wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-background-color has-background\" href=\"https:\/\/github.com\/ad-995\/bluffy\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic looking data formats. Proof-of-concept tools, such as&nbsp;0xBoku&#8217;s&nbsp;Ninja_UUID_Runner&nbsp;and&nbsp;ChoiSG&#8217;s&nbsp;UuidShellcodeExec, inspired the initial concept for Bluffy. 
So far, we implemented: UUID CLSID SVG CSS CSV Help $ python3 bluffy.py -h\u28c7\u28ff\u2818\u28ff\u28ff\u28ff\u287f\u287f\u28df\u28df\u289f\u289f\u289d\u2835\u285d\u28ff\u287f\u2882\u28fc\u28ff\u28f7\u28cc\u2829\u286b\u287b\u28dd\u2839\u28bf\u28ff\u28f7\u2846\u28ff\u28c6\u2831\u28dd\u2875\u28dd\u2885\u2819\u28ff\u2895\u2895\u2895\u2895\u289d\u28e5\u2892\u2805\u28ff\u28ff\u28ff\u287f\u28f3\u28cc\u282a\u286a\u28e1\u2891\u289d\u28c7\u2846\u28ff\u28ff\u28e6\u2839\u28f3\u28f3\u28d5\u2885\u2808\u2897\u2895\u2895\u2895\u2895\u2895\u2888\u2886\u281f\u280b\u2809\u2801\u2809\u2809\u2801\u2808\u283c\u2890\u2895\u28bd\u2857\u28b0\u28f6\u28f6\u28e6\u28dd\u289d\u2895\u2895\u2805\u2846\u2895\u2895\u2895\u2895\u2895\u28f4\u280f\u28e0\u2876\u281b\u2849\u2849\u285b\u28b6\u28e6\u2840\u2810\u28d5\u2895\u285d\u2844\u28bb\u289f\u28ff\u28ff\u28f7\u28d5\u28d5\u28c5\u28ff\u28d4\u28d5\u28f5\u28f5\u28ff\u28ff\u28a0\u28ff\u28a0\u28ee\u2848\u28cc\u2828\u2805\u2839\u28f7\u2840\u28b1\u2895\u285d\u2875\u281f\u2808\u2880\u28c0\u28c0\u2840\u2809\u28bf\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28fc\u28ff\u2888\u284b\u2834\u28bf\u285f\u28e1\u2847\u28ff\u2847\u2840\u2895\u285d\u2801\u28e0\u28fe\u281f\u2849\u2849\u2849\u283b\u28e6\u28fb\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28e7\u2838\u28ff\u28e6\u28e5\u28ff\u2847\u287f\u28f0\u2897\u2884\u2801\u28b0\u28ff\u284f\u28f4\u28cc\u2808\u28cc\u2821\u2808\u28bb\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ec\u28c9\u28c9\u28c1\u28c4\u2896\u2895\u2895\u2895\u2840\u28bb\u28ff\u2847\u2899\u2801\u2834\u28bf\u285f\u28e1\u2846\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28f7\u28f5\u28f5\u28ff\u287b\u28c4\u28fb\u28ff\u28cc\u2818\u28bf\u28f7\u28e5\u28ff\u2807\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u281b\u283b\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28f7\u2884\u283b\u28ff\u28df\u283f\u2826\u280d\u2809\u28e1\u28fe\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28b8\u28ff\u28e6\u2819
\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u281f\u2855\u2851\u28d1\u28c8\u28fb\u2897\u289f\u289e\u289d\u28fb\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u2838\u28ff\u283f\u2803\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u287f\u2801\u28e0\u285d\u2875\u2848\u289f\u2895\u2895\u2895\u2895\u28f5\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28f6\u28f6\u28ff\u28ff\u28ff\u28ff\u28ff\u283f\u280b\u28c0\u28c8\u2819\u285d\u2875\u2855\u2840\u2811\u2833\u283f\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u28ff\u283f\u281b\u2889\u2860\u2872\u286b\u286a\u286a\u2863Convert shellcode into \u2728 different \u2728 formats!Written by:~ Mez0~ Michael [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":22891,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[4860,4861,4862],"class_list":["post-22875","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-bluffy","tag-convert-shellcode","tag-different-formats"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Bluffy : Convert Shellcode Into Different Formats !!!<\/title>\n<meta name=\"description\" content=\"Bluffy is a utility which was used in experiments to bypass Anti-Virus products by formatting shellcode into realistic looking data formats.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" 
href=\"https:\/\/kalilinuxtutorials.com\/bluffy\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bluffy : Convert Shellcode Into Different Formats !!!\" \/>\n<meta property=\"og:description\" content=\"Bluffy is a utility which was used in experiments to bypass Anti-Virus products by formatting shellcode into realistic looking data formats.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/bluffy\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2022-03-14T15:07:49+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-03-14T15:07:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Bluffy : Convert Shellcode Into Different Formats\",\"datePublished\":\"2022-03-14T15:07:49+00:00\",\"dateModified\":\"2022-03-14T15:07:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/\"},\"wordCount\":471,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728\",\"keywords\":[\"Bluffy\",\"Convert Shellcode\",\"Different Formats\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/bluffy\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/\",\"name\":\"Bluffy : Convert Shellcode Into Different Formats 
!!!\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728\",\"datePublished\":\"2022-03-14T15:07:49+00:00\",\"dateModified\":\"2022-03-14T15:07:52+00:00\",\"description\":\"Bluffy is a utility which was used in experiments to bypass Anti-Virus products by formatting shellcode into realistic looking data formats.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/bluffy\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux 
Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Bluffy : Convert Shellcode Into Different Formats !!!","description":"Bluffy is a utility which was used in experiments to bypass Anti-Virus products by formatting shellcode into realistic looking data formats.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/bluffy\/","og_locale":"en_US","og_type":"article","og_title":"Bluffy : Convert Shellcode Into Different Formats !!!","og_description":"Bluffy is a utility which was used in experiments to bypass Anti-Virus products by formatting shellcode into realistic looking data formats.","og_url":"https:\/\/kalilinuxtutorials.com\/bluffy\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2022-03-14T15:07:49+00:00","article_modified_time":"2022-03-14T15:07:52+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Bluffy : Convert Shellcode Into Different Formats","datePublished":"2022-03-14T15:07:49+00:00","dateModified":"2022-03-14T15:07:52+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/"},"wordCount":471,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","keywords":["Bluffy","Convert Shellcode","Different Formats"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/bluffy\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/","url":"https:\/\/kalilinuxtutorials.com\/bluffy\/","name":"Bluffy : Convert Shellcode Into Different Formats 
!!!","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","datePublished":"2022-03-14T15:07:49+00:00","dateModified":"2022-03-14T15:07:52+00:00","description":"Bluffy is a utility which was used in experiments to bypass Anti-Virus products by formatting shellcode into realistic looking data formats.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/bluffy\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/bluffy\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux 
Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R 
K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEiozgw_9dg0EFfvbdfz6ZbTlCfp1O4h_vhDamM7tQsWr_k_pW90DmmLJr60rSj5rwFsolbs_PzfsrzLgj9kMOYAmekCYmFR9VPWiUXc9J6UERvHOhdQdhXMSNojPC9qbpnyONeXixlS0WbRtgFYELkfdAw5suW6-1CirI7KM0gaFR2MfR3kLu0fBBSB=s728","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":11916,"url":"https:\/\/kalilinuxtutorials.com\/obfuscator\/","url_meta":{"origin":22875,"position":0},"title":"Obfuscator : The Program Is Designed To Obfuscate The Shellcode","author":"R K","date":"December 9, 2020","format":false,"excerpt":"Obfuscator program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. XOR AES The tool accepts shellcode in 4 formats. base64 hex c raw Command Line Usage Usage Description ----- ----------- \/f Specify the format of the shellcode base64 hex c raw \/enc Specify the encryption type\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":21766,"url":"https:\/\/kalilinuxtutorials.com\/jektor\/","url_meta":{"origin":22875,"position":1},"title":"Jektor : A Windows User-Mode Shellcode Execution Tool That Demonstrates Various Techniques That Malware Uses","author":"R K","date":"February 14, 2022","format":false,"excerpt":"Jektor utility focuses on shellcode injection techniques to demonstrate methods that malware may use to execute shellcode on a victim system \u00a0Dynamically resolves API functions to evade IAT inclusion\u00a0Includes usage of undocumented NT Windows API functions\u00a0Supports local shellcode execution via CreateThread\u00a0Supports remote shellcode execution via CreateRemoteThread\u00a0Supports local shellcode injection via\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali 
Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"classes":[]}]}