Become a sponsor to midnite_runr
Hello hackers!
I restarted development of BDF/BDFProxy in July 2020. Now BDF/BDFProxy is in Stable Alpha as of July 30, 2021.
Sponsor me and I will continue to support the new version of The Backdoor Factory and BDFProxy (which is now one tool), write new tools, and publish research to my sponsors.
Current tools and Research:
- BDF-ng with new file infection methods!
- Updated SigThief!
- Thunderbird Extension Loading 🤫
- EncryptAgit - open source!
Future Tools & Research:
- More file infection methods
- An updated Environmental Keying Framework like Ebowla
- TinCanTelephone - a method to use existing wifi APs as repeaters.
- and more...
BDF Roadmap:
Legend:
Y = Yes, Implemented
N = No
X = Feature Conflict
RM = Roadmap
TBD = To be determined
There are additional features such as patchlets, and future improvements such as test cases with redistributable binaries and patching research not included here.
Windows
PE Files
Item | Hook Entry | Text Loader | Control Flow Guard (CFG) Hooking | Import Address Table (IAT) Payloads | Custom Encoder | DLL Export Hooking | TLS Injection | Off-entry Hooking |
---|---|---|---|---|---|---|---|---|
x86 | Y | TBD | RM | Y | RM | RM | RM | RM |
x64 | Y | Y | Y | Y | Y | Y | RM | RM |
Aarch64 (arm) | RM | RM | RM | RM | RM | RM | RM | RM |
Hook Entry | Y | Y | Y | Y | N | X | X | X |
Text Loader | X | Y | Y | Y | Y | Y | X | X |
DLL Export Hooking | X | Y | Y | Y | Y | Y | X | X |
TLS Injection | X | X | TBD | RM | RM | X | RM | X |
Off-entry Hooking | X | X | X | RM | RM | N | X | RM |
MacOS
Item | pre text infection | hook entry | off-entry point hooking | Dylib export hooking | Custom Encoder |
---|---|---|---|---|---|
x86_64 | Y | RM | RM | RM | TBD |
aarch64 | Y | RM | RM | RM | TBD |
Nix (Linux/Unix)
Item | ET_EXE | ET_DYN | text splitting | text off entry | hook entry | Shared Objects |
---|---|---|---|---|---|---|
i386 linux | Y | TBD | Y | Y | TBD | TBD |
x86_64 linux | Y | Y | Y | Y | RM | RM |
armv7 32bit | Y | TBD | RM | RM | RM | RM |
armv8 64 bit | RM | RM | RM | RM | RM | RM |
x86_64 BSD | Y | RM | Y | Y | RM | RM |
Featured work
- secretsquirrel/the-backdoor-factory
  Patch PE, ELF, Mach-O binaries with shellcode; new version in development, available only to sponsors
  Python 3,307
- secretsquirrel/BDFProxy
  Patch Binaries via MITM: BackdoorFactory + mitmProxy.
  Python 991
- secretsquirrel/SigThief
  Stealing Signatures and Making One Invalid Signature at a Time
  Python 2,109
- secretsquirrel/fido
  Teaching old shellcode new tricks
  Python 203
- secretsquirrel/DerbyCon2018Slides
  Slides from my
$14 a month
The Lone Hacker - Stable Release Tier
You enjoy my work and you want to support it. Thank you!
Perks
- Access to Stable Projects
- Monthly update from me about progress on current developments and where I'm going with development and research.
- Access to research specific repos about a month after the Dev sponsors.
$19 a month
The Lurker - Dev Branch Tier
You enjoy my work, want to support it, and want to see it before it is stable!
Perks
- Stable branch access
- Development branch access to all my projects. You will be able to see my progress as it happens, play with the code, and laugh at my poor git skills.
Additionally, you'll get access to research that I deem sharable before it is released to Stable Tier and the public (if at all).
$29 a month
The Awesome Hacker - Steering Tier
You enjoy my work and want to support it, but the other tiers feel too low due to the type of work that I am releasing and the value that you get.
Perks
- Stable and development code branches (and research).
- Discord server, so you can ask me questions directly, ask for new features, and help drive new features of BDF-ng/BDFProxy-ng or other projects.
$249 a month
Corporate Sponsorship
With this you are signaling that your company finds my work important. You'll get access to the Discord server, all research and code, a company license, your logo on my GitHub landing page, and the ability to help steer my projects.