Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Additional feature #24

Open
G0ne opened this issue Jun 28, 2023 · 1 comment
Open

Additional feature #24

G0ne opened this issue Jun 28, 2023 · 1 comment

Comments

@G0ne
Copy link

G0ne commented Jun 28, 2023

This tool is awesome, the only thing that is missing in my opinion is to have an optional feature to build a PE containing the .bin code generated
so,
1 mode ( the actual one ): generate the .bin from an .exe with all the evasion techniques used by the tool to evade security solutions
2 mode ( the one i suggest ): generate the .bin from and exe and build another .exe ( that can support also console interation like mimikatz ) and containing the .bin code that can run with all the evasion techniques used by the tool to evade security solutions

@EgeBalci
Copy link
Owner

EgeBalci commented Jul 3, 2023

Earlier versions of the Amber was able to generate PE files for executing the generated payload. It is removed intentionally. The main reason is, maintaining a open source and fully undetectable evasion project is simply impossible. Keeping the generated EXE file undetectable requires a lot of effort, and at the end it will eventually get detected because it is opensource. This tool is already doing the heavy lifting for you by converting a PE file to an encoded shellcode. The rest should be up to the user.

Repository owner deleted a comment Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants