IEEE

Identification of Arbitrary Length Shellcode for the Intel x64 Architecture as a NOP Sled

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...
USENIX

An Encrypted Payload Protocol and Target-Side Scripting Engine

Modern exploit payloads in commercial and open-source penetration testing frameworks have grown much more advanced than the traditional shellcode they replaced. These payloads permit interactive ...
IEEE

Detection of Malicious Network Traffic using Convolutional Neural Networks

Abstract: Networks are typically exposed to various attacks such as Denial of Service, Shellcode, and Fuzzers with increasing connectivity of users and organizations. It is crucial to detect such ...
USENIX

Polymorphic Blending Attacks

In the continuing arms race in computer and network security, a common trend is that attackers are employing polymorphic techniques. Toolkits such as ADMmutate [17], PHATBOT [10], and CLET [5] are ...
GitHub

Double Venom (DVenom)

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. To generate c# source code that contains encrypted shellcode. Note that ...
GitHub

Example of run-time manual PLT in C.

TL;DR: Write a C program that calls libc functions, compile it to a shellcode, load it in memory. Featuring function scraping from ELF as "procedure linkage", code & compilation tricks, and more. If ...