{"id":28747,"date":"2023-04-13T04:59:06","date_gmt":"2023-04-13T04:59:06","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=28747"},"modified":"2023-04-13T04:59:09","modified_gmt":"2023-04-13T04:59:09","slug":"apcldr","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/apcldr\/","title":{"rendered":"APCLdr : Payload Loader With Evasion Features"},"content":{"rendered":"\n<p><strong>APCLdr<\/strong> is a Payload Loader With Evasion Features.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Features:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>No CRT functions imported<\/li>\n\n\n\n<li>Indirect syscalls using <a href=\"https:\/\/github.com\/Maldev-Academy\/HellHall\">HellHall<\/a><\/li>\n\n\n\n<li>API hashing using the <a href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\/blob\/main\/APCLdr\/Win32.c#L111\">CRC32<\/a> hashing algorithm<\/li>\n\n\n\n<li>Payload encryption using RC4 &#8211; payload is saved in .rsrc<\/li>\n\n\n\n<li>Payload injection using APC calls &#8211; alertable thread<\/li>\n\n\n\n<li>Payload execution using APC &#8211; alertable thread<\/li>\n\n\n\n<li>Execution delay using <a href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\/blob\/main\/APCLdr\/APCLdr.c#L66\">MsgWaitForMultipleObjects<\/a> &#8211; edit <a href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\/blob\/main\/APCLdr\/Common.h#L6\">this<\/a><\/li>\n\n\n\n<li>The total size is 8kb + the payload size<\/li>\n\n\n\n<li>Compatible with the <strong>LLVM (clang-cl)<\/strong> option<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Usage:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Use <a href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\/tree\/main\/Builder\">Builder<\/a> to update the <a href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\/blob\/main\/APCLdr\/PayloadFile.pf\">PayloadFile.pf<\/a> file, 
that&#8217;ll be the encrypted payload to be saved in the .rsrc section of the loader<\/li>\n\n\n\n<li>Compile as x64 Release<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Debugging:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Change <em>Linker&gt;SubSystem<\/em> from <strong>\/SUBSYSTEM:WINDOWS<\/strong> to <strong>\/SUBSYSTEM:CONSOLE<\/strong><\/li>\n\n\n\n<li>Set the loader in debug mode (uncomment <a href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\/blob\/main\/APCLdr\/Debug.h#L7\">this<\/a>)<\/li>\n\n\n\n<li>Build as Release as well<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Thanks For:<\/strong><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.x86matthew.com\/view_post?id=writeprocessmemory_apc\">https:\/\/www.x86matthew.com\/view_post?id=writeprocessmemory_apc<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/github.com\/vxunderground\/VX-API\">https:\/\/github.com\/vxunderground\/VX-API<\/a><\/li>\n<\/ul>\n\n\n\n<p><strong>Tested with Cobalt Strike &amp;&amp; Havoc on Windows 10<\/strong><\/p>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button aligncenter\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/github.com\/NUL0x4C\/APCLdr\" target=\"_blank\" rel=\"noreferrer noopener\">Click Here To Download<\/a><\/div>\n<\/div>\n\n\n\n<p class=\"has-text-align-center has-background\" style=\"background-color:#f4f4f4\"><strong>Please consider&nbsp;<a href=\"https:\/\/www.linkedin.com\/company\/kali-linux-tutorials\/\" target=\"_blank\" 
rel=\"noreferrer noopener\">following and supporting<\/a>&nbsp;us to stay updated with the latest information.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>APCLdr is a Payload Loader With Evasion Features. Features: Usage: Debugging: Thanks For: Tested with cobalt strike &amp;&amp; Havoc on windows 10 Please consider&nbsp;following and supporting&nbsp;us to stay updated with the latest information.<\/p>\n","protected":false},"author":4,"featured_media":28751,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[5992,1085,5858],"class_list":["post-28747","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-apcldr","tag-evasion","tag-payload-loader"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>APCLdr : Its A Payload Loader With Evasion Features<\/title>\n<meta name=\"description\" content=\"APCLdr is a Payload Loader With Evasion Features .Use Builder to update the PayloadFile.pf file, that&#039;ll be the encrypted payload to be saved\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/apcldr\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"APCLdr : Its A Payload Loader With Evasion Features\" \/>\n<meta 
property=\"og:description\" content=\"APCLdr is a Payload Loader With Evasion Features .Use Builder to update the PayloadFile.pf file, that&#039;ll be the encrypted payload to be saved\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/apcldr\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2023-04-13T04:59:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-13T04:59:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"APCLdr : Payload Loader With Evasion Features\",\"datePublished\":\"2023-04-13T04:59:06+00:00\",\"dateModified\":\"2023-04-13T04:59:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/\"},\"wordCount\":172,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png\",\"keywords\":[\"APCLdr\",\"evasion\",\"Payload Loader\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/apcldr\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/\",\"name\":\"APCLdr : Its A Payload Loader With Evasion 
Features\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png\",\"datePublished\":\"2023-04-13T04:59:06+00:00\",\"dateModified\":\"2023-04-13T04:59:09+00:00\",\"description\":\"APCLdr is a Payload Loader With Evasion Features .Use Builder to update the PayloadFile.pf file, that'll be the encrypted payload to be saved\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/apcldr\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux 
Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"APCLdr : Its A Payload Loader With Evasion Features","description":"APCLdr is a Payload Loader With Evasion Features .Use Builder to update the PayloadFile.pf file, that'll be the encrypted payload to be saved","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/apcldr\/","og_locale":"en_US","og_type":"article","og_title":"APCLdr : Its A Payload Loader With Evasion Features","og_description":"APCLdr is a Payload Loader With Evasion Features .Use Builder to update the PayloadFile.pf file, that'll be the encrypted payload to be saved","og_url":"https:\/\/kalilinuxtutorials.com\/apcldr\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2023-04-13T04:59:06+00:00","article_modified_time":"2023-04-13T04:59:09+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. 
reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"APCLdr : Payload Loader With Evasion Features","datePublished":"2023-04-13T04:59:06+00:00","dateModified":"2023-04-13T04:59:09+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/"},"wordCount":172,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","keywords":["APCLdr","evasion","Payload Loader"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/apcldr\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/","url":"https:\/\/kalilinuxtutorials.com\/apcldr\/","name":"APCLdr : Its A Payload Loader With Evasion 
Features","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","datePublished":"2023-04-13T04:59:06+00:00","dateModified":"2023-04-13T04:59:09+00:00","description":"APCLdr is a Payload Loader With Evasion Features .Use Builder to update the PayloadFile.pf file, that'll be the encrypted payload to be saved","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/apcldr\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/apcldr\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux 
Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R 
K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg_eJbmc2M6AXeXF7anWWq4IV1qpR1fN_CHiqCQCDfLVnTKASTbVoqqC1dS6TuPxeQDIsOIulAgnZS3BHIRPmartc7tng1gaXhNUHSY_xdXlf2XmFSaN7KOpLzbxYnFOpngcxRL-R7XPqFGYg9YPaRcLi-Kjsh3wxKNKUsoHK9018axWSHcgiqqnLdo\/s728\/kali%20temp(2).png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":28283,"url":"https:\/\/kalilinuxtutorials.com\/terraldr\/","url_meta":{"origin":28747,"position":0},"title":"TerraLdr : A Payload Loader Designed With Advanced Evasion Features","author":"R K","date":"February 14, 2023","format":false,"excerpt":"TerraLdr is a Payload Loader Designed With Advanced Evasion Features. Details no crt functions imported syscall unhooking using KnownDllUnhook api hashing using Rotr32 hashing algo payload encryption using rc4 - payload is saved in .rsrc process injection - targetting 'SettingSyncHost.exe' ppid spoofing & blockdlls policy using NtCreateUserProcess stealthy remote process\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyntKKc91ZuKTJlYE-2cP1uV0dpxzQm750GfMfoFbtIG8o0IE7XNk0t93HiZyLc2sKhq7Q8bompRUY1MkexZlPi3hAnTiJ8bvujCAdMlt0Z078glqzav5OU9njKrUG1F4He83o3O03ym-n0rLNfk1XOwkWawnG68amYcdYtSjY-ofI92X2q9mMD2fg\/s728\/TerraLdr3.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyntKKc91ZuKTJlYE-2cP1uV0dpxzQm750GfMfoFbtIG8o0IE7XNk0t93HiZyLc2sKhq7Q8bompRUY1MkexZlPi3hAnTiJ8bvujCAdMlt0Z078glqzav5OU9njKrUG1F4He83o3O03ym-n0rLNfk1XOwkWawnG68amYcdYtSjY-ofI92X2q9mMD2fg\/s728\/TerraLdr3.png?resize=350%2C200&ssl=1 1x, 
https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyntKKc91ZuKTJlYE-2cP1uV0dpxzQm750GfMfoFbtIG8o0IE7XNk0t93HiZyLc2sKhq7Q8bompRUY1MkexZlPi3hAnTiJ8bvujCAdMlt0Z078glqzav5OU9njKrUG1F4He83o3O03ym-n0rLNfk1XOwkWawnG68amYcdYtSjY-ofI92X2q9mMD2fg\/s728\/TerraLdr3.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgyntKKc91ZuKTJlYE-2cP1uV0dpxzQm750GfMfoFbtIG8o0IE7XNk0t93HiZyLc2sKhq7Q8bompRUY1MkexZlPi3hAnTiJ8bvujCAdMlt0Z078glqzav5OU9njKrUG1F4He83o3O03ym-n0rLNfk1XOwkWawnG68amYcdYtSjY-ofI92X2q9mMD2fg\/s728\/TerraLdr3.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":35296,"url":"https:\/\/kalilinuxtutorials.com\/ulfberht\/","url_meta":{"origin":28747,"position":1},"title":"Ulfberht : Advanced Techniques For Shellcode Loading And Evasion","author":"Varshini","date":"November 27, 2024","format":false,"excerpt":"Ulfberht is a sophisticated shellcode loader designed to enhance operational security and evasion capabilities in cyber operations. Equipped with features like indirect syscalls, module stomping, and encrypted payloads, it minimizes the digital footprint on targeted systems. 
This article delves into Ulfberht's functionality, offering a step-by-step guide on its deployment and\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnGAdS2LvFqOhcFvmA6kPYoWgAogm3VIuolKPIx58AnXDBw-z-rBAuioJs_JRdE82UaRN-tNZn1af-yUkzh_pIbt1wh26IekK3IR95-fw72K3iS26Rje3rT_LwyJLgorVmY-MtcSuu1EN50R71i7voZ3_SkPra33hYUYdgEucD99_ZWFzRErLKmD0wwgIi\/s1600\/Ulfberht%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnGAdS2LvFqOhcFvmA6kPYoWgAogm3VIuolKPIx58AnXDBw-z-rBAuioJs_JRdE82UaRN-tNZn1af-yUkzh_pIbt1wh26IekK3IR95-fw72K3iS26Rje3rT_LwyJLgorVmY-MtcSuu1EN50R71i7voZ3_SkPra33hYUYdgEucD99_ZWFzRErLKmD0wwgIi\/s1600\/Ulfberht%20.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnGAdS2LvFqOhcFvmA6kPYoWgAogm3VIuolKPIx58AnXDBw-z-rBAuioJs_JRdE82UaRN-tNZn1af-yUkzh_pIbt1wh26IekK3IR95-fw72K3iS26Rje3rT_LwyJLgorVmY-MtcSuu1EN50R71i7voZ3_SkPra33hYUYdgEucD99_ZWFzRErLKmD0wwgIi\/s1600\/Ulfberht%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnGAdS2LvFqOhcFvmA6kPYoWgAogm3VIuolKPIx58AnXDBw-z-rBAuioJs_JRdE82UaRN-tNZn1af-yUkzh_pIbt1wh26IekK3IR95-fw72K3iS26Rje3rT_LwyJLgorVmY-MtcSuu1EN50R71i7voZ3_SkPra33hYUYdgEucD99_ZWFzRErLKmD0wwgIi\/s1600\/Ulfberht%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnGAdS2LvFqOhcFvmA6kPYoWgAogm3VIuolKPIx58AnXDBw-z-rBAuioJs_JRdE82UaRN-tNZn1af-yUkzh_pIbt1wh26IekK3IR95-fw72K3iS26Rje3rT_LwyJLgorVmY-MtcSuu1EN50R71i7voZ3_SkPra33hYUYdgEucD99_ZWFzRErLKmD0wwgIi\/s1600\/Ulfberht%20.webp?resize=1050%2C600&ssl=1 3x, 
https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjnGAdS2LvFqOhcFvmA6kPYoWgAogm3VIuolKPIx58AnXDBw-z-rBAuioJs_JRdE82UaRN-tNZn1af-yUkzh_pIbt1wh26IekK3IR95-fw72K3iS26Rje3rT_LwyJLgorVmY-MtcSuu1EN50R71i7voZ3_SkPra33hYUYdgEucD99_ZWFzRErLKmD0wwgIi\/s1600\/Ulfberht%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":32583,"url":"https:\/\/kalilinuxtutorials.com\/chaildr\/","url_meta":{"origin":28747,"position":2},"title":"ChaiLdr &#8211; AV Evasive Payload Loader : Unveiling Next-Gen Evasion Capabilities","author":"Varshini","date":"April 2, 2024","format":false,"excerpt":"ChaiLdr - AV Evasive Payload Loader represents a cutting-edge approach in malware development, blending innovative evasion techniques to bypass modern antivirus solutions. Crafted with advanced concepts learned in malware engineering, this tool introduces a new level of sophistication in delivering payloads undetected. From indirect syscalls and API hammering to HTTP\/S\u2026","rel":"","context":"In &quot;Malware&quot;","block_context":{"text":"Malware","link":"https:\/\/kalilinuxtutorials.com\/category\/malware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgZ41pMpm57LYwPb-p1_vWv2dXIbWIbcThqvEJjgGVf5UsR7qi2hedUL30-HQ0X55uONlKF9dIjpN_SNwhdoSupJiFgaMrEYRnm-cylv9ajPru_i1qVEInxTH7-ZbpKQZ7EEjj__nA5rkoXx4F50B0kkMLmKs8BkD6dP4xKemIaP9LqFZcwZxHhLoNuhdrp\/s16000\/ChaiLdr%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgZ41pMpm57LYwPb-p1_vWv2dXIbWIbcThqvEJjgGVf5UsR7qi2hedUL30-HQ0X55uONlKF9dIjpN_SNwhdoSupJiFgaMrEYRnm-cylv9ajPru_i1qVEInxTH7-ZbpKQZ7EEjj__nA5rkoXx4F50B0kkMLmKs8BkD6dP4xKemIaP9LqFZcwZxHhLoNuhdrp\/s16000\/ChaiLdr%20.webp?resize=350%2C200&ssl=1 1x, 
https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgZ41pMpm57LYwPb-p1_vWv2dXIbWIbcThqvEJjgGVf5UsR7qi2hedUL30-HQ0X55uONlKF9dIjpN_SNwhdoSupJiFgaMrEYRnm-cylv9ajPru_i1qVEInxTH7-ZbpKQZ7EEjj__nA5rkoXx4F50B0kkMLmKs8BkD6dP4xKemIaP9LqFZcwZxHhLoNuhdrp\/s16000\/ChaiLdr%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgZ41pMpm57LYwPb-p1_vWv2dXIbWIbcThqvEJjgGVf5UsR7qi2hedUL30-HQ0X55uONlKF9dIjpN_SNwhdoSupJiFgaMrEYRnm-cylv9ajPru_i1qVEInxTH7-ZbpKQZ7EEjj__nA5rkoXx4F50B0kkMLmKs8BkD6dP4xKemIaP9LqFZcwZxHhLoNuhdrp\/s16000\/ChaiLdr%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgZ41pMpm57LYwPb-p1_vWv2dXIbWIbcThqvEJjgGVf5UsR7qi2hedUL30-HQ0X55uONlKF9dIjpN_SNwhdoSupJiFgaMrEYRnm-cylv9ajPru_i1qVEInxTH7-ZbpKQZ7EEjj__nA5rkoXx4F50B0kkMLmKs8BkD6dP4xKemIaP9LqFZcwZxHhLoNuhdrp\/s16000\/ChaiLdr%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgZ41pMpm57LYwPb-p1_vWv2dXIbWIbcThqvEJjgGVf5UsR7qi2hedUL30-HQ0X55uONlKF9dIjpN_SNwhdoSupJiFgaMrEYRnm-cylv9ajPru_i1qVEInxTH7-ZbpKQZ7EEjj__nA5rkoXx4F50B0kkMLmKs8BkD6dP4xKemIaP9LqFZcwZxHhLoNuhdrp\/s16000\/ChaiLdr%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":30578,"url":"https:\/\/kalilinuxtutorials.com\/maldevacademyldr-1\/","url_meta":{"origin":28747,"position":3},"title":"MaldevAcademyLdr.1 &#8211; Advanced EXE Loader Unveiled","author":"Varshini","date":"October 3, 2023","format":false,"excerpt":"It is our latest innovation in cybersecurity tools. This EXE loader goes beyond conventional designs, offering advanced features for robust system interactions. With a focus on enhanced security and sophisticated integration capabilities, it's set to revolutionize the way users interface with executable files. 
Quick Links Maldev Academy Home Maldev Academy\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg6XXyT2SqPt9QWyNkEcwbhMK8aXr_nZUI0QXwMhK9hLd-3P3ikrmSN3thseFHribolZ09p5-kxsk6hZJPknSv4yBWeWDsGuhumkh03IYlUnC77JSC2Wji3GGeSFQuw-QK4k9swK8hi7AReBH4JTRk6VZDjgTHIyNm2ZTwrc_FLZRtJdhMm5liAUtSZug\/s16000\/maldev.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg6XXyT2SqPt9QWyNkEcwbhMK8aXr_nZUI0QXwMhK9hLd-3P3ikrmSN3thseFHribolZ09p5-kxsk6hZJPknSv4yBWeWDsGuhumkh03IYlUnC77JSC2Wji3GGeSFQuw-QK4k9swK8hi7AReBH4JTRk6VZDjgTHIyNm2ZTwrc_FLZRtJdhMm5liAUtSZug\/s16000\/maldev.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg6XXyT2SqPt9QWyNkEcwbhMK8aXr_nZUI0QXwMhK9hLd-3P3ikrmSN3thseFHribolZ09p5-kxsk6hZJPknSv4yBWeWDsGuhumkh03IYlUnC77JSC2Wji3GGeSFQuw-QK4k9swK8hi7AReBH4JTRk6VZDjgTHIyNm2ZTwrc_FLZRtJdhMm5liAUtSZug\/s16000\/maldev.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg6XXyT2SqPt9QWyNkEcwbhMK8aXr_nZUI0QXwMhK9hLd-3P3ikrmSN3thseFHribolZ09p5-kxsk6hZJPknSv4yBWeWDsGuhumkh03IYlUnC77JSC2Wji3GGeSFQuw-QK4k9swK8hi7AReBH4JTRk6VZDjgTHIyNm2ZTwrc_FLZRtJdhMm5liAUtSZug\/s16000\/maldev.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg6XXyT2SqPt9QWyNkEcwbhMK8aXr_nZUI0QXwMhK9hLd-3P3ikrmSN3thseFHribolZ09p5-kxsk6hZJPknSv4yBWeWDsGuhumkh03IYlUnC77JSC2Wji3GGeSFQuw-QK4k9swK8hi7AReBH4JTRk6VZDjgTHIyNm2ZTwrc_FLZRtJdhMm5liAUtSZug\/s16000\/maldev.webp?resize=1050%2C600&ssl=1 3x, 
https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg6XXyT2SqPt9QWyNkEcwbhMK8aXr_nZUI0QXwMhK9hLd-3P3ikrmSN3thseFHribolZ09p5-kxsk6hZJPknSv4yBWeWDsGuhumkh03IYlUnC77JSC2Wji3GGeSFQuw-QK4k9swK8hi7AReBH4JTRk6VZDjgTHIyNm2ZTwrc_FLZRtJdhMm5liAUtSZug\/s16000\/maldev.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":35413,"url":"https:\/\/kalilinuxtutorials.com\/hooka\/","url_meta":{"origin":28747,"position":4},"title":"Hooka : Advanced Shellcode Loader Generation With Enhanced Evasion Techniques","author":"Varshini","date":"December 9, 2024","format":false,"excerpt":"Hooka is able to generate shellcode loaders with multiple capabilities. It is also based on other tools like BokuLoader, Freeze or Shhhloader, and it tries to implement more evasion features. Why in Golang? Why not? Features This tool is able to generate loaders with this features: Multiple shellcode injection techniques:\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh1q82H7u4-OCqea0NREv05fAEws7ZYjswsEWKpQaw54CHMwp_pIgmsviPJMz85T88azhQNukGGjKvOFXz2nrrdS38l4XnisyPVzySoX1YeK0oirvrfsRFWPbih7oWhgfmEg4maiPcs1vyKFtAUAg6GrHBqCBcwj5ESDv8FhZUdjbOynhCeWsLGBWwNtWja\/s1600\/Hooka%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh1q82H7u4-OCqea0NREv05fAEws7ZYjswsEWKpQaw54CHMwp_pIgmsviPJMz85T88azhQNukGGjKvOFXz2nrrdS38l4XnisyPVzySoX1YeK0oirvrfsRFWPbih7oWhgfmEg4maiPcs1vyKFtAUAg6GrHBqCBcwj5ESDv8FhZUdjbOynhCeWsLGBWwNtWja\/s1600\/Hooka%20.webp?resize=350%2C200&ssl=1 1x, 
https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh1q82H7u4-OCqea0NREv05fAEws7ZYjswsEWKpQaw54CHMwp_pIgmsviPJMz85T88azhQNukGGjKvOFXz2nrrdS38l4XnisyPVzySoX1YeK0oirvrfsRFWPbih7oWhgfmEg4maiPcs1vyKFtAUAg6GrHBqCBcwj5ESDv8FhZUdjbOynhCeWsLGBWwNtWja\/s1600\/Hooka%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh1q82H7u4-OCqea0NREv05fAEws7ZYjswsEWKpQaw54CHMwp_pIgmsviPJMz85T88azhQNukGGjKvOFXz2nrrdS38l4XnisyPVzySoX1YeK0oirvrfsRFWPbih7oWhgfmEg4maiPcs1vyKFtAUAg6GrHBqCBcwj5ESDv8FhZUdjbOynhCeWsLGBWwNtWja\/s1600\/Hooka%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh1q82H7u4-OCqea0NREv05fAEws7ZYjswsEWKpQaw54CHMwp_pIgmsviPJMz85T88azhQNukGGjKvOFXz2nrrdS38l4XnisyPVzySoX1YeK0oirvrfsRFWPbih7oWhgfmEg4maiPcs1vyKFtAUAg6GrHBqCBcwj5ESDv8FhZUdjbOynhCeWsLGBWwNtWja\/s1600\/Hooka%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh1q82H7u4-OCqea0NREv05fAEws7ZYjswsEWKpQaw54CHMwp_pIgmsviPJMz85T88azhQNukGGjKvOFXz2nrrdS38l4XnisyPVzySoX1YeK0oirvrfsRFWPbih7oWhgfmEg4maiPcs1vyKFtAUAg6GrHBqCBcwj5ESDv8FhZUdjbOynhCeWsLGBWwNtWja\/s1600\/Hooka%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":28058,"url":"https:\/\/kalilinuxtutorials.com\/lazzzy\/","url_meta":{"origin":28747,"position":5},"title":"laZzzy : Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques","author":"R K","date":"December 23, 2022","format":false,"excerpt":"laZzzy is a shellcode loader that demonstrates different execution techniques commonly employed by malware. laZzzy was developed using different open-source header-only libraries. 
Features Direct syscalls and native (Nt*) functions (not all functions but most) Import Address Table (IAT) evasion Encrypted payload (XOR and AES) Randomly generated key Automatic padding (if\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiIb7zkLuBaCpoxHOQVpN6A9PZ_BUjk3VBKHHszmxq6JsmjWHEsH8-uhhB91yRN2OhB6uRGRyrTQ2llNk4GJ4G-yy9lS69OrNXRf-97k9m_vFDSv1JctF7s9pvaS_vUqkuuAEesTAAD__sydbXJu5QOWpfVytT0XwCaXHNIOzYmVFih7D19WXbqVMHp\/s1248\/laZzzy%281%29.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiIb7zkLuBaCpoxHOQVpN6A9PZ_BUjk3VBKHHszmxq6JsmjWHEsH8-uhhB91yRN2OhB6uRGRyrTQ2llNk4GJ4G-yy9lS69OrNXRf-97k9m_vFDSv1JctF7s9pvaS_vUqkuuAEesTAAD__sydbXJu5QOWpfVytT0XwCaXHNIOzYmVFih7D19WXbqVMHp\/s1248\/laZzzy%281%29.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiIb7zkLuBaCpoxHOQVpN6A9PZ_BUjk3VBKHHszmxq6JsmjWHEsH8-uhhB91yRN2OhB6uRGRyrTQ2llNk4GJ4G-yy9lS69OrNXRf-97k9m_vFDSv1JctF7s9pvaS_vUqkuuAEesTAAD__sydbXJu5QOWpfVytT0XwCaXHNIOzYmVFih7D19WXbqVMHp\/s1248\/laZzzy%281%29.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiIb7zkLuBaCpoxHOQVpN6A9PZ_BUjk3VBKHHszmxq6JsmjWHEsH8-uhhB91yRN2OhB6uRGRyrTQ2llNk4GJ4G-yy9lS69OrNXRf-97k9m_vFDSv1JctF7s9pvaS_vUqkuuAEesTAAD__sydbXJu5QOWpfVytT0XwCaXHNIOzYmVFih7D19WXbqVMHp\/s1248\/laZzzy%281%29.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiIb7zkLuBaCpoxHOQVpN6A9PZ_BUjk3VBKHHszmxq6JsmjWHEsH8-uhhB91yRN2OhB6uRGRyrTQ2llNk4GJ4G-yy9lS69OrNXRf-97k9m_vFDSv1JctF7s9pvaS_vUqkuuAEesTAAD__sydbXJu5QOWpfVytT0XwCaXHNIOzYmVFih7D19WXbqVMHp\/s1248\/laZzzy%281%29.png?resize=1050%2C600&ssl=1 
3x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/28747","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=28747"}],"version-history":[{"count":7,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/28747\/revisions"}],"predecessor-version":[{"id":28889,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/28747\/revisions\/28889"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/28751"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=28747"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=28747"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=28747"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}