Trending repositories for topic shellcode
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
Evasive shellcode loader for bypassing event-based injection detection (PoC)
A post exploitation framework designed to operate covertly on heavily monitored environments
A set of Linux binary exploitation tasks for beginners on various architectures
Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
Small and convenient C2 tool for Windows targets. [ Russian means fuck off! ]
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
A tool for manually or automatically patching shellcode into a binary file in order to bypass AV.
windows kernel security development
This tool will allow you to spoof the return addresses of your functions as well as system functions.
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this...
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around KUSER_SHARED_DATA. supported compil...
Open repository for learning dynamic shellcode loading (sample in many programming languages)
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
This is a way to load shellcode and obfuscate it so it avoids scan-time detection.
Chinese version of Supernova, extended with additional encryption methods (ROT, XOR, RC4, AES, CHACHA20, B64XOR, B64RC4, B64AES, B64CHACHA20)
ShadeLoader is a shellcode loader designed to bypass most antivirus software. Shellcode, antivirus software, bypass
A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.
The most advanced GUI Frontend RAT for MacOS and OSX distro using XPC's Exploitation.
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
various docs (that are interesting, or not, depending on the point of view...)
DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Security researchers identified this technique which uses a simplif...
A tool for developing bad character-free shellcode to bypass DEP with WriteProcessMemory (32-bit only)
An easily modifiable shellcode template for Windows x64 written in C
Python Exploitation is a collection of special tools for providing high quality penetration testing using pure python programming language.
🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.