Dear friends,
We are proud to announce that Shellter Pro v3.0 is officially under development.
Since the first release of Shellter Pro our main goal was to complement the community edition of Shellter with extra features.
These features had two main objectives.
First, it was about enhancing user experience (for example the EFD, and multi-payload chaining features) while at the same time we wanted to enhance also the AV evasion results by giving to the user extra options, such as adding support for DLL files and also incorporating a PE target file size increase functionality.
However, we thought that is was about time to give a greater focus to the AV evasion capabilities that is also the primary purpose of this tool.
Someone might ask why we didn’t just focus only on that in the first place. The answer is simple. Even though a tool must first fulfill its main purpose, a tool has also to be user-friendly and give more options to the user to improvise as required.
To give an example on this, the EFD feature that is irrelevant with AV evasion dramatically enhances the user experience in more advanced scenarios. A user can take advantage of this feature to create faster scripts that incorporate Shellter.
On the other hand, the multi-payload chaining feature offers the potential to chain multiple payloads with a single injection which increases the chances of success if one payload fails. For example, chaining a reverse_tcp with a reverse_https payload increases the chances of success if one of the two fails to connect back for any reason that might be.
In a few words, we believe that the extra effort that we put to all the side-features of Shellter Pro really did worth it, and we certainly hope that you feel the same.
Going back to the upcoming Shellter Pro v3.0, we are happy to say that most work around this new version is related to AV evasion.
Particularly, we have focused on making several things even more dynamic than they used to be by eliminating small things that were static, and thus could be potentially used to target our generated binaries by AV signatures.
We are not implying that generating reliable and FP-free AV signatures would be an easy task, but since we keep an eye on them as they do on us, we decided to jump forward and win this race before they do.
So yeah, you must expect more polymorphic and sophisticated output, but without breaking the natural balance of things that makes creating signatures for an infected binary not a trivial task.
Additionaly, we are working on adding more instructions in the obfuscation engine to make even more difficult finding a reliable detection pattern, while the obfuscated code will look even more…let’s say not obfuscated.
There are even more features coming up in Shellter Pro v3.0, but we don’t want to spoil all the fun for you right now.
However, we thought that it was the right time to give some heads-up about what is going on around Shellter Pro.
GO PRO!
Cheers,
kyREcon