Skip to content

akkuman/gSigFlip

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.github/workflows
.github/workflows
 
 
cmd/gSigFlip
cmd/gSigFlip
 
 
.gitignore
.gitignore
 
 
.goreleaser.yml
.goreleaser.yml
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
sigFlip.go
sigFlip.go
 
 

Repository files navigation

gSigFlip

A SigFlip implement in golang, SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) in a way that doesn't affect or break the existing authenticode signature, in other words you can change PE file checksum/hash by embedding data (i.e shellcode) without breaking the file signature, integrity checks or PE file functionality.

you can use SigFlip/Golang to execute the shellcode in the generated file

Usage

Usage of gSigFlip.exe:
  -out string
        output pe file path (default "out.exe")
  -pe string
        pe file path which you want ot hide data
  -sf string
        the path of the file where shellcode is stored
  -tag string
        the tag you want to use, support "\x1a \xdf" "\x1a\xdf" "1a, df" "1a df" (default "fe ed fa ce fe ed fa ce")
  -xor string
        the xor key you want to use

As a Package

Please view cmd/gSigFlip/main.go

Reference

About

A SigFlip implement in golang

Resources

Readme
Activity

Stars

37 stars

Watchers

3 watching

Forks

8 forks
Report repository

Releases 2

v1.1.20211110 Latest
Nov 10, 2021
+ 1 release

Packages

No packages published

Languages