Cryptography and Encryption Exploitation Tools Video Tutorials

How to Create Undetectable Python Payloads that Bypass Antiviruses – Kali Linux 2017.3

  • NXcrypt is a polymorphic ‘python backdoors’ crypter written in python by Hadi Mene (h4d3s) . The output is fully undetectable.
  • NXcrypt can inject malicious python file into a normal file with multi-threading system.
  • Run it with superuser’s permissions.
  • NXcrypt output is Fully undetectable.

Backdooring Module:

Alt text

Encryption Module:

Alt text


  • sudo ./ – – # encrypt and output file is
  • sudo ./ – # encrypt and default output file is but you can edit it in source code
  • sudo ./ –help # NXcrypt help
  • sudo ./ – – – # inject with into with multi-threading system

How it works:

  • Encryption module:
    NXcrypt add some junkcode.
    NXcrypt use a python internal module ‘py_compile’ who compile the code into bytecode to a .pyc file.
    NXcrypt convert .pyc file into normal .py file.
    And in this way we can obfuscate the code
    The md5sum will change too
  • Injection module:
    it inject a malicious python file into a normal file with multi-threading system.

Test with Virustotal

SHA256: e2acceb6158cf406669ab828d338982411a0e5c5876c2f2783e247b3e01c2163 File name: Detection ratio: 2 / 54

SHA256: 362a4b19d53d1a8f2b91491b47dba28923dfec2d90784961c46213bdadc80add File name: Detection ratio: 0 / 55



About the author

Mazen Elzanaty

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: