Process Injection Tool Updates
In this post I will highlight a few updates made to improve the code base and add long-pending features to the Process Injection Tool, which I wrote to learn about various process injection techniques and to enhance my knowledge of C# and the Windows API.
New Features:
1) Encryption - Added XOR & AES encryption support with a custom key that must be passed to decrypt the shellcode at runtime. To encrypt the shellcode I have written another tool, Obfuscator. I have written another short blog post for the Obfuscator tool, which can be found here. The tool currently supports only XOR & AES encryption. Obfuscated shellcode might help operators evade static detection while trying to inject the shellcode into a remote process.
2) RAW Shellcode - The tool now also accepts shellcode in raw format. This might be helpful for users who want to directly pass the shellcode file generated by tools such as Donut without converting or encoding it to a specific readable format such as c, csharp or base64 encoding.