About OWASP-ZSC
OWASP ZSC is open source software written in python which lets you generate customized shellcodes and convert scripts to an obfuscated script. This software can be run on Windows/Linux/OSX with Python 2 or 3.
What is shellcode?: Shellcode is a small codes in Assembly language which could be used as the payload in software exploitation. Other usages are in malwares, bypassing antiviruses, obfuscated codes...
You can read more about OWASP-ZSC in these link:
- OWASP ZSC Tool Project - OWASP
- Document: OWASP ZSC · GitBook (Legacy)
- Home page: OWASP ZSC | OWASP ZCR Shellcoder
- Features: OWASP ZSC | OWASP ZCR Shellocder Available Features
- Archive: ZCR-Shellcoder-Archive
- Mailing List: Google Groups
- API: api.z3r0d4y.com
Another good reason for obfuscating files or generating shellcode with OWASP-ZSC is that it can be used during your pen-testing. Malicious hackers use these techniques to bypass anti-virus and load malicious files in systems they have hacked using customized shellcode generators. Anti-virus work with signatures in order to identify harmful files. When using very well known encoders such as
msfvenom, files generated by this program might be already flagged by Anti-virus programs.Our purpose is not to provide a way to bypass anti-virus with malicious intentions, instead, we want to provide pen-testers a way to challenge the security provided by Anti-virus programs and Intrusion Detection systems during a pen test.In this way, they can verify the security just as a black-hat will do.
According to other shellcode generators same as Metasploit tools and etc, OWASP-ZSC using new encodes and methods which antiviruses won't detect. OWASP-ZSC encoders are able to generate shell codes with random encodes and that allows you to generate thousands of new dynamic shellcodes with the same job in just a second, that means, you will not get the same code if you use random encodes with same commands, And that make OWASP-ZSC one of the best! During the Google Summer of Code we are working on to generate Windows Shellcode and new obfuscation methods. We are working on the next version that will allow you to generate OSX.
OWASP-ZSC Installation:
You must install Metasploit and Python 2 or 3 first:
- For Debian-based distro users:
sudo apt install python2 python3 metasploit-framework - For Arch Linux based distro users:
sudo pacman -S python2 python3 metasploit - For Windows users: Download Python and Metasploit here.
sudo):DISCLAIMER: THIS SOFTWARE WAS CREATED TO CHALLENGE ANTIVIRUS TECHNOLOGY, RESEARCH NEW ENCRYPTION METHODS, AND PROTECT SENSITIVE OPEN SOURCE FILES WHICH INCLUDE IMPORTANT DATA. CONTRIBUTORS AND OWASP FOUNDATION WILL NOT BE RESPONSIBLE FOR ANY ILLEGAL USAGE.
An example of OWASP-ZSC
- Beginner Hacker Tools
- Hak5 Tools
- Pentest Tools
- New Hack Tools
- Pentest Tools Find Subdomains
- Hacker Tools Hardware
- Hacking Tools Windows 10
- Hacking Tools Software
- Computer Hacker
- Pentest Tools Apk
- Hacker Tools Free Download
- Nsa Hack Tools
- Hack Tools Download
- Hacking Tools Software
- Hacker Tools Online
- Hacking Tools For Windows
- Pentest Tools List
- Pentest Tools Apk
- Hacking Tools Download
- Pentest Tools Framework
- Blackhat Hacker Tools
- World No 1 Hacker Software
- Hacker Tools Online
- Hacking Tools Software
- Hack Website Online Tool
- Hacking Tools And Software
No comments:
Post a Comment