Trending repositories for topic shellcode
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around kuser_shared_data. supported compil...
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
An easily modifiable shellcode template for Windows x64 written in C
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around kuser_shared_data. supported compil...
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
An easily modifiable shellcode template for Windows x64 written in C
A collection of LLVM transform and analysis passes to write shellcode in regular C
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around kuser_shared_data. supported compil...
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
A flexible PE loader, loading module in memory. Most of the functions can be inline, compatible for shellcode.
windows kernel security development
Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around kuser_shared_data. supported compil...
Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.
A flexible PE loader, loading module in memory. Most of the functions can be inline, compatible for shellcode.
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.
Tool to evade Antivirus With Different Techniques
This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
TFRv2 : Remote control Access, used as a Bypasser for Anti Virus (Software) and Penetrate a FLAGSHIP Such as Android, Windows, and MacOS.
This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
Supernova 的中文版和扩展了一些加密方式(ROT, XOR, RC4, AES, CHACHA20, B64XOR, B64RC4, B64AES, B64CHACHA20)
ShadeLoader is a shellcode loader designed to bypass most antivirus software. 壳代码, 杀毒软件, 绕过
A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.
The most advanced GUI Frontend RAT for MacOS and OSX distro. Penetrate the SSL and Security system of Unix.
一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.
Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Moneta is a live usermode memory analysis tool for Windows with the capability to detect malware IOCs
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
windows kernel security development
Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.
A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder.
various docs (that are interesting, or not, depending on the point of view...)
🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around kuser_shared_data. supported compil...
DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Security researchers identified this technique which uses a simplif...
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
A tool for developing bad character-free shellcode to bypass DEP with WriteProcessMemory (32-bit only)
An easily modifiable shellcode template for Windows x64 written in C
Python Exploitation is a collection of special tools for providing high quality penetration testing using pure python programming language.
