Note: This post is for ethical purposes only.

Viper is a RAT based malware that was able to go undetected by almost all of today’s anti viruses, which includes Kaspersky, Avast, McAfee, Symantec and many more to name which is developed by . It is a windows based RAT or windows 10 x32bit to be specific but it also works under x64 bit architecture, you simply have to specify to the compiler that it is a 32bit code.

How does the malware work?

Although there is a lot in the malware to explain but to make it precise, I…

Yes. As we know a router works in layer 3 of OSI-model. It only knows what is in layer 3 and below, such as IP, Port and MAC address, that is it.

Before jumping on how the attack is done, let us know the basics.

3-Way Handshake

Every time you access a server such as google, a three way handshake is done to create a session.

  1. The client sends a Syn (Synchronize number) request to the server, meaning: I want to talk to you, Here is my Syn number
  2. The server then sends back a Syn and Ack (Acknowledge) number in response…

By now we know that most of the shellcodes generated by metasploit can be detected by any antivirus.

So, lets learn, how to develop our own shellcode with whatever we wish the shellcode to do.

Before we start developing our shellcode we need to learn coding in basic assembly as we will be using assembly instructions to create our shellcode.

Basics of Assembly?

A computer CPU only understand one language, which is binary (0 and 1). Since it is really hard for us to code in binary. We can use one of the higher human understandable languages. …

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store