About OWASP-ZSC
OWASP ZSC is opened upwards source software written inwards python which lets yous generate customized shellcodes too convert scripts to an obfuscated script. This software tin dismiss endure run on Windows/Linux/OSX amongst Python two or 3.
What is shellcode?: Shellcode is a pocket-sized codes inwards Assembly language which could endure used equally the payload inwards software exploitation. Other usages are inwards malwares, bypassing antiviruses, obfuscated codes...
You tin dismiss read to a greater extent than about OWASP-ZSC inwards these link:
- OWASP ZSC Tool Project - OWASP
- Document: OWASP ZSC · GitBook (Legacy)
- Home page: OWASP ZSC | OWASP ZCR Shellcoder
- Features: OWASP ZSC | OWASP ZCR Shellocder Available Features
- Archive: ZCR-Shellcoder-Archive
- Mailing List: Google Groups
- API: api.z3r0d4y.com
Another skillful argue for obfuscating files or generating shellcode amongst OWASP-ZSC is that it tin dismiss endure used during your pen-testing. Malicious hackers usage these techniques to bypass anti-virus too charge malicious files inwards systems they accept hacked using customized shellcode generators. Anti-virus locomote amongst signatures inwards lodge to set harmful files. When using rattling good known encoders such equally
msfvenom, files generated past times this programme mightiness endure already flagged past times Anti-virus programs.Our role is non to render a way to bypass anti-virus amongst malicious intentions, instead, nosotros desire to render pen-testers a way to challenge the safety provided past times Anti-virus programs too Intrusion Detection systems during a pen test.In this way, they tin dismiss verify the safety merely equally a black-hat volition do.
According to other shellcode generators same equally Metasploit tools too etc, OWASP-ZSC using novel encodes too methods which antiviruses won't detect. OWASP-ZSC encoders are able to generate musical rhythm codes amongst random encodes too that allows yous to generate thousands of novel dynamic shellcodes amongst the same project inwards merely a second, that means, yous volition non larn the same code if yous usage random encodes amongst same commands, And that brand OWASP-ZSC one of the best! During the Google Summer of Code nosotros are working on to generate Windows Shellcode too novel obfuscation methods. We are working on the side past times side version that volition allow yous to generate OSX.
OWASP-ZSC Installation:
You must install Metasploit and Python two or three first:
- For Debian-based distro users:
sudo apt install python2 python3 metasploit-framework - For Arch Linux based distro users:
sudo pacman -S python2 python3 metasploit - For Windows users: Download Python too Metasploit here.
sudo): DISCLAIMER: THIS SOFTWARE WAS CREATED TO CHALLENGE ANTIVIRUS TECHNOLOGY, RESEARCH NEW ENCRYPTION METHODS, AND PROTECT SENSITIVE OPEN SOURCE FILES WHICH INCLUDE IMPORTANT DATA. CONTRIBUTORS AND OWASP FOUNDATION WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.
An example of OWASP-ZSC
0 comments:
Post a Comment