whiskers/phorcy-stealer
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
phorcy-stealer/loader
History
unknown 0b60404558 Full refactor/better docs
2026-02-01 04:09:42 +01:00
..
stager
Full refactor/better docs
2026-02-01 04:09:42 +01:00
utils/nimwinreg
Full refactor/better docs
2026-02-01 04:09:42 +01:00
README.md
Full refactor/better docs
2026-02-01 04:09:42 +01:00

README.md

[SECRET//DNR]

Secret//DO NOT RELEASE.

Documentation of all files found in this folder.

loader.nim

Takes an input bytearray and writes it to disk as first CLI argument when run. format: [seq[byte]](@[0x40,0x80]

encfile.nim

Has multiple functions to encrypt text and/or files (streams) with AES-256 derived using HMAC (SHA512_256). Max. password size 1024 characters. Tested. Is suitable for sensitive data. Has a fingerprint/is detectable.

OFFENSIVEencfile.nim

Very stripped-down encryption tool. Takes a stream and encrypts it (AES256 with HMAC SHA512_256). No max. password size. Has a fingerprint/is detectable.

Packer.nim

Ideally a "packer"/loader for the main stage. Still very experimental and needs heavy rework.

checkfile.nim

Basic program that uses direct/hidden syscalls to know if a file exists. Undetectable in normal conditions. Can be chained with other direct syscalls to copy sensitive files.

Browser.nim

Uses direct syscalls to know if Firefox and Chrome are installed. Afterwards, steals the files, puts them in an encrypted archive and encrypts it with AES-256 (HMAC SHA512_256 derivation). Undetectable in theory and practice. Spoofs PID.

bsod.nim

Serves a BSOD to targets on Windows.

basicadware.nim

Basic adware. Selects messages based on a pool. FUD.

mic_reg.nim

[Broken] Checks if Windows OSD is enabled.

Reference in New Issue View Git Blame Copy Permalink