FalconZero - A stealthy, targeted Windows Loader for delivering second-stage payloads (shellcode) to the host machine undetected


Introducing FalconZero v1.0 - a stealthy, targeted Windows Loader for delivering second-stage payloads (shellcode) to the host machine undetected - first public release version Loader/Dropper of the FALCONSTRIKE project

Features

- Dynamic shellcode execution
- Usage of Github as the payload storage area - the payload is fetched from Github
- Targeted implant Loader - only execute on targeted assets - thwart automated malware analysis and hinder reverse engineering on non-targeted assets
- Killdates - implant expires after a specific date
- Stealthy shellcode injection technique without allocating RWX memory pages in victim process to evade AV/EDRs - currently injects to explorer.exe
- Sensitive strings encrypted using XOR

Payload Compatibility

- Metasploit
- Covenant C2
- Cobalt Strike
- SILENTTRINITY
- Faction C2
- Throwback

And support for many more... The ones mentioned in the list are the ones verified by the testing team.

Usage

There are many hard things in life but generating an implant shouldn't be one. This is the reason....

May 11, 2020
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023