Readme_en.md

All Resource Collection Projects

Shellcode

• Shellcode Resources, 150+Tools, 500+Blog Post
• 中文Version

Directory

• development
  • shellen -> (1)Tools (2)Post
  • exploit -> (1)Tools (13)Post
  • encode && decode -> (9)Tools (14)Post
  • (9) Tools
  • (56) Post
• execute && inject
  • inject -> (13)Tools (34)Post
  • execute -> (1)Tools (23)Post
  • (22) Tools
  • (6) Post
• generate -> (16)Tools (24)Post
• convert -> (11)Tools (3)Post
• analysis
  • exploit ->
  • (5) Tools
  • (53) Post
• BypassXxx
  • AV -> (5)Tools (9)Post
  • (5) Tools
  • (12) Post
• ARM -> (2)Tools (9)Post
• Other
  • Tools
    • (1) Collection
    • (64) Recent Add
    • (6) Other
  • Post
    • (262) Recent Add

development

---

shellen

Tools

• [706Star][1y] [Py] merrychap/shellen an interactive shellcoding environment.

Post

• 2018.03 [freebuf] Shellen：交互式shellcode开发环境
• 2018.02 [pediy] [翻译] Shellen-交互式shellcode开发环境

---

exploit

Tools

• [8Star][4y] [Py] sectool/python-shellcode-buffer-overflow Shellcode / Buffer Overflow

Post

• 2018.04 [pediy] [翻译]Windows漏洞利用开发 - 第4部分：使用跳转定位Shellcode
• 2017.09 [shogunlab] Zero Day Zen Garden: Windows Exploit Development - Part 3 [Egghunter to Locate Shellcode]
• 2017.08 [shogunlab] Zero Day Zen Garden: Windows Exploit Development - Part 2 [JMP to Locate Shellcode]
• 2017.05 [abatchy] Exploit Dev 101: Jumping to Shellcode
• 2016.06 [digitaloperatives] Exploiting Weak Shellcode Hashes to Thwart Module Discovery; or, Go Home, Malware, You’re Drunk!
• 2016.01 [pediy] [翻译]Windows Exploit开发系列教程第六部分：WIN32 shellcode编写
• 2016.01 [pediy] [翻译]exploit开发教程第六章-shellcode
• 2015.08 [ly0n] Avoiding badchars & small buffers with custom shellcode – OdinSecureFTPclient SEH exploit
• 2015.08 [ly0n] Avoiding badchars & small buffers with custom shellcode – OdinSecureFTPclient SEH exploit
• 2014.03 [beefproject] Exploiting with BeEF Bind shellcode
• 2014.01 [securitysift] Windows Exploit Development – Part 5: Locating Shellcode With Egghunting
• 2013.12 [securitysift] Windows Exploit Development – Part 4: Locating Shellcode With Jumps
• 2008.01 [pediy] [原创]exploit_me_A的shellcode构造与突破

---

encode && decode

Tools

• [89Star][4y] [Py] mothran/unicorn-decoder Simple shellcode decoder using unicorn-engine
• [51Star][1y] [Py] ecx86/shellcode_encoder x64 printable shellcode encoder
• [45Star][4y] [Py] eteissonniere/elidecode The tool to decode obfuscated shellcodes using the unicorn and capstone engine
• [29Star][2y] [Py] ihack4falafel/slink Alphanumeric Shellcode (x86) Encoder
• [27Star][7m] [Py] blacknbunny/encdecshellcode Shellcode Encrypter & Decrypter With XOR Cipher
• [13Star][1y] [Py] veritas501/ae64 basic amd64 alphanumeric shellcode encoder
• [12Star][2m] [Perl 6] anon6372098/faz-shc Faz-SHC is a program that can be encrypted the text you give to a Shellcode. Simple and coded with Perl. Coded by M.Fazri Nizar.
• [2Star][1y] [Makefile] sh3llc0d3r1337/slae32-custom-encoder SLAE32 Assignment #4 - Custom Shellcode
• [0Star][10m] pcsxcetra/equationeditorshellcodedecoder Tool to decode the encoded Shellcode of this type found in office documents

Post

• 2019.11 [rapid7] Metasploit Shellcode Grows Up: Encrypted and Authenticated C Shells
• 2019.11 [aliyun] Shellcode编码技术
• 2019.05 [pcsxcetrasupport3] A deeper look at Equation Editor CVE-2017-11882 with encoded Shellcode
• 2019.03 [cybersecpolitics] The Lost Art of Shellcode Encoder/Decoders
• 2018.07 [doyler] Shellcode XOR Encoder and Decoder for Linux (x86)
• 2017.08 [360] SLAE：如何开发自定义的RBIX Shellcode编码解码器
• 2015.07 [bigendiansmalls] Building shellcode, egghunters and decoders.
• 2015.03 [freebuf] Huffy：哈夫曼编码的shellcode
• 2015.02 [skullsecurity] GitS 2015: Huffy (huffman-encoded shellcode)
• 2014.12 [zerosum0x0] x64 Shellcode Byte-Rotate Encoder
• 2014.04 [volatility] Building a Decoder for the CVE-2014-0502 Shellcode
• 2012.08 [debasish] Experiment With Run Time Encryption/Decryption of Win32 ShellCodes
• 2012.05 [pediy] [原创]shellcode xor编码/解码
• 2008.08 [pediy] [原创]shellcode的一种ascii编码方法

---

Tools

• [513Star][3y] [Py] reyammer/shellnoob A shellcode writing toolkit
• [189Star][1y] [Py] thesecondsun/shellab Linux and Windows shellcode enrichment utility
• [184Star][8m] [C++] jackullrich/shellcodestdio An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
• [115Star][4y] [C++] lcatro/vuln_javascript a JavaScript Execute Envirment which study browser vuln and how to write Shellcode
• [95Star][2y] [Py] invictus1306/workshop-bsidesmunich2018 ARM shellcode and exploit development - BSidesMunich 2018
• [75Star][6m] [C++] shellvm/shellvm A collection of LLVM transform and analysis passes to write shellcode in regular C
• [15Star][4y] [Assembly] novicelive/shellcoding Introduce you to shellcode development.
• [6Star][3y] [Java] jlxip/shellcode-ide An IDE for creating shellcodes.
• [3Star][2y] [C] wanttobeno/study_shellcode windows平台下功能性shellcode的编写

---

Post

• 2020.01 [aliyun] shellcode编写过程总结
• 2019.06 [nytrosecurity] Writing shellcodes for Windows x64
• 2019.04 [4hou] Windows x86 Shellcode开发：寻找Kernel32.dll地址
• 2019.02 [X0x0FFB347] Writing a Custom Shellcode Encoder
• 2019.02 [aliyun] 用ARM编写shellcode
• 2019.01 [fuzzysecurity] Writing shellcode to binary files
• 2019.01 [fuzzysecurity] Part 6: Writing W32 shellcode
• 2019.01 [freebuf] 过年不屯点干货吗，Windows平台高效Shellcode编程技术实战｜精品公开课
• 2019.01 [ly0n] [BOOK] Shellcode writting in Windows environments
• 2019.01 [ly0n] [BOOK] Shellcode writting in Windows environments
• 2018.11 [4hou] FreeBSD上编写x86 Shellcode初学者指南
• 2018.08 [pediy] [原创]《0day安全...（第二版）》第3章第4节开发通用的shellcode在win10系统下测试的问题
• 2018.08 [360] 路由器漏洞复现终极奥义——基于MIPS的shellcode编写
• 2018.07 [pediy] [翻译]二进制漏洞利用（一）编写ARMshellcode&理解系统函数
• 2018.03 [aliyun] Windows下Shellcode编写详解
• 2018.02 [freebuf] Sickle：推荐一款优质ShellCode开发工具
• 2018.02 [aliyun] Linux下shellcode的编写
• 2017.09 [secist] 我的shellcode编写之路 |MSF| Shellcode | kali linux 2017
• 2017.06 [360] Shellcode编程之特征搜索定位GetProcAddress
• 2017.06 [skullsecurity] Solving b-64-b-tuff: writing base64 and alphanumeric shellcode
• 2017.05 [360] Windows x64 shellcode编写指南
• 2017.05 [freebuf] 如何编写高质量的Windows Shellcode
• 2017.05 [pediy] [翻译]Windows平台下的Shellcode代码优化编写指引
• 2017.03 [4hou] HEVD 内核攻击: 编写Shellcode（三）
• 2017.01 [360] shellcode编程：在内存中解析API地址
• 2016.06 [paraschetal] Writing your own shellcode.
• 2016.02 [freebuf] Windows平台shellcode开发入门（三）
• 2016.02 [securitycafe] Introduction to Windows shellcode development – Part 3
• 2016.01 [freebuf] Windows平台shellcode开发入门（二）
• 2016.01 [freebuf] Windows平台shellcode开发入门（一）
• 2016.01 [securitygossip] When Every Byte Counts – Writing Minimal Length Shellcodes
• 2016.01 [sjtu] When Every Byte Counts – Writing Minimal Length Shellcodes
• 2015.12 [securitycafe] Introduction to Windows shellcode development – Part 2
• 2015.10 [securitycafe] Introduction to Windows shellcode development – Part 1
• 2015.02 [freebuf] Windows平台下高级Shellcode编程技术
• 2015.02 [pediy] [原创]windows平台下的高级shellcode编程技术
• 2015.02 [topsec] windows平台下高级shellcode编程技术
• 2014.08 [pediy] [原创]Masm宏框架 简单编写复杂的ShellCode
• 2014.07 [] 使用C编写shellcode
• 2013.12 [pediy] [原创]编写二进制的shellcode
• 2013.06 [pediy] [原创]PE感染&ShellCode编写技术补充
• 2013.05 [toolswatch] ShellNoob v1.0 – Shellcode Writing Toolkit
• 2013.04 [reyammer] ShellNoob 1.0 - a shellcode writing toolkit
• 2012.09 [pediy] [原创]Android系统shellcode编写
• 2012.06 [] shellcode的编写与关键
• 2011.06 [pediy] [原创]MASM之ShellCode框架编写[合并帖]
• 2010.10 [pediy] [原创]Win 7下定位kernel32.dll基址及shellcode编写
• 2010.09 [pediy] [翻译]Exploit 编写系列教程第九篇Win32 Shellcode编写入门
• 2010.05 [elearnsecurity] Writing OS Independent Shellcode
• 2010.03 [pediy] [原创]Writing JIT-Spray Shellcode for fun and profit - CHS[更新完整版]
• 2010.01 [pediy] [原创]编写反连ShellCode遇到的难点并解决之总结
• 2009.11 [pediy] [翻译]Exploit编写系列教程第二篇: 栈溢出——跳至shellcode
• 2009.07 [corelan] Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode
• 2009.01 [pediy] [翻译]写一段小型溢出代码（译自：Writing Small Shellcode）
• 2008.01 [pediy] [原创]ShellCode编写之hash式函数调用及相关
• 2006.07 [pediy] [原创]VC8编写ShellCode以及辅助工具

execute && inject

---

inject

Tools

• [126Star][2y] [C++] gpoulios/ropinjector Patching ROP-encoded shellcodes into PEs
• [108Star][1m] [C++] josh0xa/threadboat uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application
• [85Star][3y] [C] countercept/doublepulsar-usermode-injector A utility to use the usermode shellcode from the DOUBLEPULSAR payload to reflectively load an arbitrary DLL into another process, for use in testing detection techniques or other security research.
• [63Star][8y] [Py] sensepost/anapickle Toolset for writing shellcode in Python's Pickle language and for manipulating pickles to inject shellcode.
• [60Star][2m] [Py] psychomario/pyinject A python module to help inject shellcode/DLLs into windows processes
• [43Star][5y] [Py] borjamerino/tlsinjector Python script to inject and run shellcodes through TLS callbacks
• [27Star][2y] [Py] taroballzchen/shecodject shecodject is a autoscript for shellcode injection by Python3 programing
• [20Star][3m] [Go] binject/shellcode Shellcode library as a Go package
• [19Star][5y] [C] jorik041/cymothoa Cymothoa is a backdooring tool, that inject backdoor's shellcode directly into running applications. Stealth and lightweight...
• [16Star][3y] [PLpgSQL] michaelburge/redshift-shellcode Example of injecting x64 shellcode into Amazon Redshift
• [14Star][2y] chango77747/shellcodeinjector_msbuild
• [10Star][1y] [C++] egebalci/injector Simple shellcode injector.
• [8Star][2y] [C++] xiaobo93/unmodule_shellcode_inject 无模块注入工程 VS2008

Post

• 2019.12 [aliyun] 手工shellcode注入PE文件
• 2019.11 [4hou] 代码注入技术之Shellcode注入
• 2019.11 [ColinHardy] Excel 4.0 Macros Analysis - Cobalt Strike Shellcode Injection
• 2019.09 [freebuf] 远程进程Shellcode注入调试技巧
• 2019.08 [4hou] 远程进程shellcode注入调试技巧
• 2019.06 [360] Arm平台Ptrace注入shellcode技术
• 2018.10 [pediy] [原创]代替创建用户线程使用ShellCode注入DLL的小技巧
• 2018.09 [pediy] [分享]绝对牛逼哄哄的shellcode内存注入,支持64,32,远程内存注入,支持VMP壳最大强度保护
• 2018.08 [freebuf] sRDI：一款通过Shellcode实现反射型DLL注入的强大工具
• 2018.05 [cobaltstrike] PowerShell Shellcode Injection on Win 10 (v1803)
• 2017.12 [pentesttoolz] Shecodject – Autoscript for Shellcode Injection
• 2017.12 [MalwareAnalysisForHedgehogs] Malware Analysis - ROKRAT Unpacking from Injected Shellcode
• 2017.11 [freebuf] Metasploit自动化Bypass Av脚本：Shecodject X Shellcode Injection
• 2017.10 [pediy] [原创]通过Wannacry分析内核shellcode注入dll技术
• 2017.08 [silentbreaksecurity] sRDI – Shellcode Reflective DLL Injection
• 2015.12 [dhavalkapil] Shellcode Injection
• 2015.12 [n0where] Dynamic Shellcode Injection: Shellter
• 2015.10 [freebuf] Kali Shellter 5.1：动态ShellCode注入工具 绕过安全软件
• 2015.08 [christophertruncer] Injecting Shellcode into a Remote Process with Python
• 2015.08 [pediy] [原创]纯C++编写Win32/X64通用Shellcode注入csrss进程.
• 2015.07 [BsidesLisbon] BSidesLisbon2015 - Shellter - A dynamic shellcode injector - Kyriakos Economou
• 2015.06 [freebuf] 动态Shellcode注入工具 – Shellter
• 2015.06 [shelliscoming] TLS Injector: running shellcodes through TLS callbacks
• 2014.08 [toolswatch] Shellter v1.7 A Dynamic ShellCode Injector – Released
• 2014.06 [toolswatch] [New Tool] Shellter v1.0 A Dynamic ShellCode Injector – Released
• 2013.06 [debasish] Injecting Shellcode into a Portable Executable(PE) using Python
• 2013.05 [trustedsec] Native PowerShell x86 Shellcode Injection on 64-bit Platforms
• 2013.05 [pediy] [原创]内核ShellCode注入的一种方法
• 2012.10 [hackingarticles] Cymothoa – Runtime shellcode injection Backdoors
• 2012.09 [hackingarticles] PyInjector Shellcode Injection attack on Remote PC using Social Engineering Toolkit
• 2012.08 [trustedsec] New tool PyInjector Released – Python Shellcode Injection
• 2011.07 [firebitsbr] Syringe utility provides ability to inject shellcode into processes
• 2007.01 [pediy] 《The Shellcoder's handbook》第十四章_故障注入
• 2006.02 [pediy] [原创]ShellCode的另外一种玩法(远程线程注入ShellCode)

---

execute

Tools

• [77Star][2m] [C] dimopouloselias/simpleshellcodeinjector receives as an argument a shellcode in hex and executes it

Post

• 2019.09 [4hou] Windows shellcode执行技术入门指南
• 2019.07 [contextis] A Beginner’s Guide to Windows Shellcode Execution Techniques
• 2019.03 [countercept] Dynamic Shellcode Execution
• 2019.03 [countercept] Dynamic Shellcode Execution
• 2019.01 [t00ls] 投稿文章：Bypass Applocker + 免杀执行任意 shellcode [ csc + installUtil ]
• 2017.09 [] ShellCode执行代码iptables -P INPUT ACCEPT
• 2017.04 [osandamalith] Executing Shellcode Directly
• 2017.01 [360] 利用原生Windows函数执行shellcode
• 2016.12 [evi1cg] Office Shellcode Execution
• 2016.10 [qq] 宏病毒利用EnumDateFormats执行Shellcode创建傀进程绕杀软
• 2016.08 [360] CallWindowProc被宏病毒利用来执行Shellcode
• 2016.06 [modexp] Shellcode: Execute command for x32/x64 Linux / Windows / BSD
• 2016.03 [modexp] Shellcodes: Executing Windows and Linux Shellcodes
• 2015.08 [doyler] Executing Shellcode with Python
• 2014.11 [BSidesCHS] BSidesCHS 2013 - Session 02 - Java Shellcode Execution
• 2014.07 [pediy] [原创]从内核在WOW64进程中执行用户态shellcode
• 2014.03 [sevagas] Hide meterpreter shellcode in executable
• 2013.08 [freebuf] 利用vbs优雅的执行shellcode
• 2013.02 [y0nd13] HunnyBunny: Execute any shellcode on the
• 2012.04 [debasish] Execute ShellCode Using Python
• 2010.12 [riusksk] Shellcode分段执行技术原理
• 2009.02 [pediy] [原创]从执行流程看shellcode（一）[附源代码]
• 2008.12 [pediy] [求助]第五章的通用shellcode在password.txt中始终无法正常执行令我好生头痛

---

Tools

• [353Star][6y] [C] inquisb/shellcodeexec Script to execute in memory a sequence of opcodes
• [258Star][1m] [C++] clinicallyinane/shellcode_launcher Shellcode launcher utility
• [235Star][4y] [Py] pyana/pyana Analyzing the Windows shellcode
• [229Star][2m] [Go] brimstone/go-shellcode Load shellcode into a new process
• [153Star][9m] [Assembly] peterferrie/win-exec-calc-shellcode A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)
• [148Star][6m] [Pascal] coldzer0/cmulator ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engine & javascript
• [129Star][3y] [PS] arno0x/dnsdelivery delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.
• [122Star][3y] [C#] zerosum0x0/runshellcode .NET GUI program that runs shellcode
• [97Star][6m] [PS] rvrsh3ll/cplresourcerunner Run shellcode from resource
• [91Star][11m] [C] fireeye/flare-kscldr 内核中加载Shellcode: 实例、方法与工具
• [73Star][6y] enigma0x3/powershell-payload-excel-delivery Uses Invoke-Shellcode to execute a payload and persist on the system.
• [64Star][1y] [C] emptymonkey/drinkme A shellcode testing harness.
• [57Star][3y] [C] zerosum0x0/shellcodedriver Windows driver to execute arbitrary usermode code (essentially same vulnerability as capcom.sys)
• [55Star][2y] [C++] sisoma2/shellcodeloader Small tool to load shellcodes or PEs to analyze them
• [42Star][1y] [C++] userexistserror/dllloadershellcode Shellcode to load an appended Dll
• [34Star][3y] [Py] n1nj4sec/pymemimporter import pyd or execute PE all from memory using only pure python code and some shellcode tricks
• [26Star][3y] [Ruby] eik00d/reverse_dns_shellcode Revrese DNS payload for Metasploit: Download Exec x86 shellcode. Also DNS Handler and VBS bot (alsow working over DNS) as PoC included.
• [23Star][1m] [Py] thomaskeck/pyshellcode Execute ShellCode / "Inline-Assembler" in Python
• [18Star][3y] [Py] 0xyg3n/mem64 Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.
• [15Star][3y] [C++] naxalpha/shellcode-loader Shellcode Loader Engine for Windows
• [4Star][2y] [C] samvartaka/triton_analysis Analysis of the TRITON/TRISIS/HatMan multi-stage PowerPC shellcode payload
• [2Star][3m] [C] brimstone/shellload Load shellcode into a new process, optionally under a false name.

---

Post

• 2018.04 [4hou] 一个可以动态分析恶意软件的工具——Kernel Shellcode Loader
• 2018.04 [fireeye] Loading Kernel Shellcode
• 2017.06 [pediy] [翻译]Windows内核ShellCode的动态加载和调试
• 2017.04 [360] 如何从猫咪图片中加载运行shellcode
• 2017.02 [modexp] Shellcode: Fido and how it resolves GetProcAddress and LoadLibraryA
• 2014.02 [govolution] Writing a download and exec shellcode

generate

---

Tools

• [693Star][1m] [C] thewover/donut Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
• [582Star][2m] [Shell] r00t-3xp10it/venom shellcode generator/compiler/handler (metasploit)
• [552Star][8m] [C++] nytrorst/shellcodecompiler compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows (x86 and x64) and Linux (x86 and x64)
• [493Star][1m] [Py] zdresearch/owasp-zsc Shellcode/Obfuscate Code Generator
• [90Star][3y] [C++] gdelugre/shell-factory C++-based shellcode builder
• [88Star][2m] [Py] alexpark07/armscgen ARM Shellcode Generator
• [80Star][3y] [Py] hatriot/shellme simple shellcode generator
• [63Star][5y] [Py] veil-framework/veil-ordnance Veil-Ordnance is a tool designed to quickly generate MSF stager shellcode
• [40Star][3y] [Py] karttoon/trigen Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.
• [37Star][3y] [C++] 3gstudent/shellcode-generater No inline asm,support x86/x64
• [33Star][2y] [HTML] rh0dev/shellcode2asmjs Automatically generate ASM.JS JIT-Spray payloads
• [13Star][4y] zdresearch/zcr-shellcoder-archive ZeroDay Cyber Research - ZCR Shellcoder Archive - z3r0d4y.com Shellcode Generator
• [13Star][1m] [C++] hoodoer/enneos Evolutionary Neural Network Encoder of Shenanigans. Obfuscating shellcode with an encoder that uses genetic algorithms to evolve neural networks to contain and output the shellcode on demand.
• [10Star][2m] [C#] clonemerge/shellgen Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical shellcode output standard.
• [4Star][2y] [Shell] thepisode/linux-shellcode-generator Experiments on Linux Assembly shellcodes injection
• [1Star][4m] [Py] ins1gn1a/woollymammoth Toolkit for manual buffer exploitation, which features a basic network socket fuzzer, offset pattern generator and detector, bad character identifier, shellcode carver, and a vanilla EIP exploiter

---

Post

• 2019.07 [aliyun] 生成可打印的shellcode
• 2019.07 [4hou] Shellcode生成工具Donut测试分析
• 2019.06 [3gstudent] Shellcode生成工具Donut测试分析
• 2018.12 [HackerSploit] Generating Shellcode With Msfvenom
• 2018.10 [pediy] [原创] 抛砖引玉之gcc生成可可携带字符串的shellcode
• 2018.06 [doyler] Execve Shellcode – Includes Arguments and Generator!
• 2018.03 [pediy] [原创]简陋的小工具:DWORD数组形式拷贝shellcode内容;裸函数生成
• 2018.02 [pentesttoolz] VENOM 1.0.15 – Metasploit Shellcode Generator/Compiler/Listener
• 2017.08 [zerosum0x0] Obfuscated String/Shellcode Generator - Online Tool
• 2017.07 [pediy] [原创]开源ShellCode生成引擎
• 2017.07 [msreverseengineering] The Synesthesia Shellcode Generator: Code Release and Future Directions
• 2017.05 [abatchy] ROT-N Shellcode Encoder/Generator (Linux x86)
• 2017.04 [360] 生成自己的Alphanumeric/Printable shellcode
• 2017.02 [4hou] Windows Shellcode学习笔记——通过VisualStudio生成shellcode
• 2017.01 [christophertruncer] Shellcode Generation, Manipulation, and Injection in Python 3
• 2017.01 [3gstudent] Windows Shellcode学习笔记——通过VisualStudio生成shellcode
• 2017.01 [3gstudent] Windows Shellcode学习笔记——通过VisualStudio生成shellcode
• 2016.02 [hackingarticles] Exploitation of Windows PC using Venom: Shellcode Generator
• 2016.02 [freebuf] 工具推荐：Shellsploit，ShellCode生成器
• 2016.01 [n0where] Shellcode Generator: Venom
• 2015.02 [govolution] Null Free Windows WinExec Shellcode & Tool for generating Payload
• 2014.04 [securityblog] How to generate shellcode from custom exe in metasploit
• 2012.05 [freebuf] phpcodegen-library[php生成shellcode函数库]
• 2007.11 [pediy] [原创]生成一个关于URLDownloadToFile的shellcode机器码

convert

---

Tools

• [635Star][4m] [PS] monoxgas/srdi Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode
• [407Star][3m] [Assembly] hasherezade/pe_to_shellcode Converts PE into a shellcode
• [79Star][2y] [Py] blacknbunny/shellcode2assembly
• [49Star][8m] [C] w1nds/dll2shellcode dll转shellcode工具
• [34Star][5y] [C++] 5loyd/makecode Dll Convert to Shellcode.
• [18Star][3y] [Py] after1990s/pe2shellcode pe2shellcode
• [12Star][1m] [Py] davinci13/exe2shell Converts exe to shellcode.
• [10Star][3y] [Perl] gnebbia/shellcoder Create shellcode from executable or assembly code
• [5Star][10m] [C++] giantbranch/convert-c-javascript-shellcode C与javascript格式的shellcode相互转换小工具
• [2Star][7y] [C] hamza-megahed/binary2shellcode binary to shellcode converter
• [0Star][6y] [Py] yatebyalubaluniyat/rawshellcode2exe converts raw shellcode to exe

---

Post

• 2017.11 [pediy] [原创]【Python】使用Python将Shellcode转换成汇编
• 2017.11 [freebuf] 如何把shellcode转换成exe文件分析
• 2015.12 [hexacorn] Converting Shellcode to Portable Executable (32- and 64- bit)

analysis

---

exploit

---

Tools

• [203Star][2y] [Py] rootlabs/smap Handy tool for shellcode analysis
• [166Star][2y] [C] oalabs/blobrunner Quickly debug shellcode extracted during malware analysis
• [39Star][4y] [Py] dungtv543/dutas Analysis PE file or Shellcode
• [38Star][5y] [C++] adamkramer/jmp2it Transfer EIP control to shellcode during malware analysis investigation
• [11Star][5y] [Py] debasishm89/qhook qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.

---

Post

• 2019.10 [sentinelone] Building A Custom Tool For Shellcode Analysis
• 2019.04 [freebuf] Xori：一款针对PE32和Shellcode的自动化反编译与静态分析库
• 2019.03 [sans] "VelvetSweatshop" Maldocs: Shellcode Analysis
• 2019.01 [360] 对某HWP漏洞样本的shellcode分析
• 2018.10 [MSbluehat] BlueHat v18 || Linear time shellcode detection using state machines and operand analysis on the runtime
• 2018.09 [ironcastle] Analyzing Encoded Shellcode with scdbg, (Mon, Sep 24th)
• 2018.09 [sans] Analyzing Encoded Shellcode with scdbg
• 2018.09 [dist67] Using scdbg to analyze shellcode
• 2018.09 [ironcastle] Video: Using scdbg to analyze shellcode, (Sat, Sep 8th)
• 2018.09 [sans] Another quickie: Using scdbg to analyze shellcode
• 2018.08 [doyler] Metasploit Shellcode Analysis – read_file via ndisasm (SLAE Exam #5.1)
• 2018.06 [nao] Analyzing Shellcode of GrandSoft's CVE-2018-8174
• 2018.05 [pediy] [原创]od逆向分析栈溢出shellcode
• 2018.02 [sans] Analyzing compressed shellcode
• 2017.07 [360] EternalBlue Shellcode详细分析
• 2017.05 [360] NSA武器库：DoublePulsar初始SMB后门shellcode分析
• 2017.04 [zerosum0x0] DoublePulsar Initial SMB Backdoor Ring 0 Shellcode Analysis
• 2017.03 [cysinfo] Episode 3 – Shellcode Analysis with APITracker
• 2016.12 [360] 恶意文档分析：从宏指令到Shellcode
• 2016.11 [dist67] Hancitor Maldoc: Shellcode Dynamic Analysis
• 2016.02 [miasm] Dynamic shellcode analysis
• 2016.01 [freebuf] Shellcode分析工具PyAna
• 2015.07 [tencent] Hacking Team Mac OSX 64位 Shellcode 技术分析
• 2015.07 [riusksk] Hacking Team 武器库研究（五）：Mac OSX 64位 Shellcode 技术分析
• 2015.06 [pediy] [原创]格盘的shellcode分析
• 2015.02 [pediy] [原创]解析coff文件之提取shellcode代码
• 2015.01 [checkpoint] Diving into a Silverlight Exploit and Shellcode – Analysis and Techniques | Check Point Software Blog
• 2014.12 [sans] Analyzing Shellcode Extracted from Malicious RTF Documents
• 2014.12 [jowto] 某EXCEL漏洞样本shellcode分析
• 2014.12 [thembits] RIG Exploit Kit - Shellcode analysis
• 2014.09 [radare] Adventures with Radare2 #1: A Simple Shellcode Analysis
• 2014.09 [radare] Adventures with Radare2 #1: A Simple Shellcode Analysis
• 2014.07 [pediy] [原创]一段 shellcode 代码的分析
• 2014.01 [govolution] SLAE Assignment 5: Shellcode Analysis
• 2011.11 [pediy] [原创]简单Shellcode的详细分析
• 2011.09 [beistlab] 한글 제로데이 쉘코드 간략 분석 (Quick analyzing HanGul 0day shellcode)
• 2011.03 [pediy] [原创]POC分析助手-ShellcodeDumper
• 2011.03 [pediy] [原创]一个word溢出样本的shellcode分析
• 2010.09 [pediy] [原创]CVE-2006-2389漏洞shellcode解析
• 2010.09 [pediy] [原创]CVE-2010-1297漏洞shellcode简析
• 2010.06 [forcepoint] Crypto-Analysis in Shellcode Detection
• 2010.01 [hexblog] PDF file loader to extract and analyse shellcode
• 2009.10 [pediy] [原创]windows下的shellcode剖析浅谈
• 2009.06 [microsoft] Shellcode Analysis via MSEC Debugger Extensions
• 2009.03 [alienvault] Ossim: Shellcode Detection and Analysis
• 2008.10 [pediy] [原创]一个word溢出样本ShellCode的分析
• 2008.09 [sans] Static analysis of Shellcode - Part 2
• 2008.09 [sans] Static analysis of Shellcode
• 2008.06 [pediy] [原创]flash漏洞所用shellcode的分析
• 2007.12 [pediy] [技术专题]软件漏洞分析入门_6_初级shellcode_定位缓冲区
• 2007.06 [pediy] [原创]一份shellcode的详细分析
• 2007.04 [msreverseengineering] Shellcode Analysis
• 2006.11 [pediy] [原创]用softice对doc捆绑木马或exe文件的程序的shellcode分析

BypassXxx

---

AV

Tools

• [322Star][1m] [C#] hackplayers/salsa-tools ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched
• [195Star][1y] [Py] mr-un1k0d3r/unibyav a simple obfuscator that take raw shellcode and generate executable that are Anti-Virus friendly.
• [177Star][3y] [Py] arno0x/shellcodewrapper Shellcode wrapper with encryption for multiple target languages
• [84Star][2y] [C] hvqzao/foolavc foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
• [78Star][1m] [Py] k8gege/scrun BypassAV ShellCode Loader (Cobaltstrike/Metasploit)

Post

• 2020.03 [freebuf] 远控免杀从入门到实践（8）-shellcode免杀实践
• 2020.02 [aliyun] 那些shellcode免杀总结
• 2019.12 [aliyun] shellcode加密过杀软
• 2019.05 [4hou] 绕过杀软：通过网络接收ShellCode的无文件攻击方式与检测方法
• 2017.08 [modexp] Shellcode: Windows API hashing with block ciphers ( Maru Hash )
• 2017.03 [4hou] 免杀的艺术：史上最全的汇编Shellcode的技巧（三）
• 2017.03 [pentest] Art of Anti Detection 3 – Shellcode Alchemy
• 2015.09 [] 使用shellcode打造MSF免杀payload
• 2013.08 [] encode msf shellcode绕过杀毒

---

Tools

• [262Star][2y] [Py] cryptolok/morphaes polymorphic shellcode engine, with metamorphic properties and capability to bypass sandboxes, which makes it undetectable for an IDPS
• [226Star][7m] [Py] infosecn1nja/maliciousmacromsbuild Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
• [159Star][3m] [Py] rvn0xsy/cooolis-ms Cooolis-ms is a server that supports the Metasploit Framework RPC. It is used to work with the Shellcode and PE loader. To some extent, it bypasses the static killing of anti-virus software, and allows the Cooolis-ms server to communicate with the Metasploit server. Separation.
• [154Star][2m] [C#] fireeye/duedlligence Shellcode runner for all application whitelisting bypasses
• [3Star][2y] [Py] manojcode/foxit-reader-rce-with-virualalloc-and-shellcode-for-cve-2018-9948-and-cve-2018-9958 Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap

---

Post

• 2019.11 [freebuf] 红蓝对抗之如何利用Shellcode来躲避安全检测
• 2019.03 [360] 如何利用OOB数据绕过防火墙对shellcode的拦截
• 2018.07 [pediy] [翻译]English Shellcode - 散文化Shellcode - 绕过对有效载荷的静态检测的思路
• 2017.08 [pediy] [原创][原创]给shellcode找块福地－ 通过VDSO绕过PXN
• 2017.04 [4hou] Windows Shellcode学习笔记——利用VirtualAlloc绕过DEP
• 2017.03 [4hou] Windows Shellcode学习笔记——通过VirtualProtect绕过DEP
• 2017.03 [3gstudent] Windows Shellcode学习笔记——利用VirtualAlloc绕过DEP
• 2017.03 [3gstudent] Windows Shellcode学习笔记——利用VirtualAlloc绕过DEP
• 2017.03 [3gstudent] Windows Shellcode学习笔记——通过VirtualProtect绕过DEP
• 2017.03 [3gstudent] Windows Shellcode学习笔记——通过VirtualProtect绕过DEP
• 2012.08 [pediy] [原创]一种反检测的Shellcode GetPC方法Flush GetPC
• 2011.12 [greyhathacker] Bypassing EMET’s EAF with custom shellcode using kernel pointer

ARM

---

Tools

• [180Star][3m] [C] odzhan/shellcode Shellcodes for Windows/Linux/BSD running on x86, AMD64, ARM, ARM64
• [41Star][1y] [Assembly] therealsaumil/arm_shellcode Make ARM Shellcode Great Again

---

Post

• 2019.06 [hitbsecconf] #HITB2019AMS D1T1 - Make ARM Shellcode Great Again - Saumil Shah
• 2019.04 [X0x0FFB347] Shellcode for IoT: A Password-Protected Reverse Shell (Linux/ARM)
• 2019.02 [senr] Why is My Perfectly Good Shellcode Not Working?: Cache Coherency on MIPS and ARM
• 2018.10 [Cooper] Hack.lu 2018: Make ARM Shellcode Great Again - Saumil Udayan Shah
• 2018.02 [modexp] Shellcode: Encryption Algorithms in ARM Assembly
• 2017.09 [modexp] Shellcode: Linux ARM (AArch64)
• 2017.09 [modexp] Shellcode: Linux ARM Thumb mode
• 2016.08 [arxiv] [1608.03415] ARMv8 Shellcodes from 'A' to 'Z'
• 2015.07 [osandamalith] Getting Shellcode from ARM Binaries

Other

---

Tools

Collection

• [981Star][1m] [Py] nullsecuritynet/tools Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

Recent Add

• [179Star][2y] [PS] mattifestation/pic_bindshell Position Independent Windows Shellcode Written in C
• [156Star][3y] [Py] secretsquirrel/fido Teaching old shellcode new tricks
• [155Star][4y] [C] ixty/xarch_shellcode Cross Architecture Shellcode in C
• [148Star][4y] [Py] kgretzky/python-x86-obfuscator This is a WIP tool that performs shellcode obfuscation in x86 instruction set.
• [129Star][4y] [Assembly] osirislab/shellcode a repository of Shellcode written by students in NYU-Polytechnic's ISIS lab.
• [124Star][6y] tombkeeper/shellcode_template_in_c
• [115Star][5y] [C] mariovilas/shellcode_tools Miscellaneous tools written in Python, mostly centered around shellcodes.
• [76Star][2y] [Assembly] zznop/pop-nedry x86-64 Windows shellcode that recreates the Jurassic Park hacking scene (Ah, ah, ah... you didn't' say the magic word!)
• [66Star][4y] [Assembly] scorchsecurity/systorm NASM Standard Library for shellcode
• [60Star][1m] [Py] ohjeongwook/shellcodeemulator Shellcode emulator written with Unicorn
• [60Star][2m] [VBScript] djhohnstein/scatterbrain Suite of Shellcode Running Utilities
• [59Star][4y] [C] k2/admmutate Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others
• [57Star][3m] [C] buffer/libemu x86 emulation and shellcode detection
• [56Star][6y] [C] devzero2000/shellcoderhandbook shellcoderhandbook source code : "The Shellcoder's Handbook: Discovering and Exploiting Security Holes"
• [49Star][4y] [Assembly] t00sh/assembly Collection of Linux shellcodes
• [44Star][3y] [C] p0cl4bs/shellcodes
• [44Star][1m] [Py] offsecginger/pythonaesobfuscate Obfuscates a Python Script and the accompanying Shellcode.
• [43Star][8y] [C] hellman/shtest Simple shellcode testing tool.
• [39Star][4y] [C] laginimaineb/waroftheworlds QSEE Shellcode to directly hijack the "Normal World" Linux Kernel
• [38Star][5m] [Py] desword/shellcode_tools Useful tools for writing shellcode
• [38Star][4y] [Assembly] sh3llc0d3r1337/windows_reverse_shell_1 Windows Reverse Shell shellcode
• [36Star][3y] [Assembly] mortenschenk/token-stealing-shellcode
• [34Star][8m] [C] csandker/inmemoryshellcode A Collection of In-Memory Shellcode Execution Techniques for Windows
• [34Star][2m] [Py] skybulk/bin2sc Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
• [33Star][3y] [Py] mipu94/broids_unicorn simple plugin to detect shellcode on Bro IDS with Unicorn
• [27Star][7y] [C] hacksysteam/shellcodeofdeath Shellcode Of Death
• [26Star][2y] [C] embedi/tcl_shellcode A template project for creating a shellcode for the Cisco IOS in the C language
• [26Star][5m] [C] ufrisk/shellcode64 A minimal tool to extract shellcode from 64-bit PE binaries.
• [25Star][3y] [C] osandamalith/shellcodes My Shellcode Archive
• [25Star][5y] [C++] rootkitsmm/winio-vidix Exploit WinIo - Vidix and Run Shellcode in Windows Kerne ( local Privilege escalation )
• [24Star][5y] [C#] tophertimzen/shellcodetester GUI Application in C# to run and disassemble shellcode
• [23Star][5y] [Assembly] zerosum0x0/slae64 x64 Linux Shellcode
• [23Star][3m] [Py] zerosteiner/crimson-forge Sustainable shellcode evasion
• [21Star][4y] [Visual Basic .NET] osandamalith/vbshellcode Making shellcode UD -
• [20Star][2y] [Py] danielhenrymantilla/shellcode-factory Tool to create and test shellcodes from custom assembly sources (with some encoding options)
• [20Star][5m] [Assembly] pinkp4nther/shellcodes I'll post my custom shellcode I make here!
• [20Star][1y] [C] m0rv4i/ridgway A quick tool for hiding a new process running shellcode.
• [19Star][4y] [Assembly] bruce30262/x86_shellcode_tutorial A training course for BambooFox
• [17Star][2y] [Py] hamza-megahed/pentest-with-shellcode Penetration testing with shellcode codes
• [15Star][1m] [C] compilepeace/kaal_bhairav an ELF (ET_EXEC and ET_DYN) infector that infects system binaries with custom shellcode
• [15Star][2y] [Py] nullarray/shellware Persistent bind shell via pythonic shellcode execution, and registry tampering.
• [11Star][8m] [Assembly] egebalci/selfdefense Several self-defense shellcodes
• [10Star][2y] [Py] 1project/scanr Detect x86 shellcode in files and traffic.
• [10Star][3m] [C] hc0d3r/scdump shellcode dumper
• [9Star][11m] [C] eahlstrom/ucui-unicorn ncurses shellcode/instructions tester using unicorn-engine
• [8Star][3y] [Py] breaktoprotect/shellcarver Carve shellcode within the memory using restrictive character set
• [8Star][5y] hoainam1989/shellcode Tut for making Linux Shellcode
• [7Star][3y] [Assembly] mortenschenk/acl_edit Assembly code to use for Windows kernel shellcode to edit winlogon.exe ACL
• [7Star][11m] [C] lnslbrty/bufflow A collection of security related code examples e.g. a buffer overflow including an exploit, crypters, shellcodes and more.
• [6Star][3y] [C] degrigis/exploitation Repo for various exploitation utilities/PoC/Shellcodes/CTF solutions
• [6Star][11m] [Assembly] govolution/win32shellcode
• [4Star][4y] [Assembly] theevilbit/shellcode Some random shellcodes I created
• [2Star][5y] [Assembly] govolution/moreshellcode
• [2Star][2y] hamza-megahed/shellcode Linux/x86 Shellcodes
• [1Star][2y] orf53975/rig-exploit-for-cve-2018-8174 Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page…
• [1Star][3y] [Ruby] shayanzare/obj2shellcode Objdump to ShellCode
• [1Star][6y] [Assembly] stephenbradshaw/shellcode Various shell code I have written
• [1Star][6m] [Assembly] push4d/shellcode-alfanumerico---spawn-bin-sh-elf-x86- PoC Shellcode alfanumerico (Solo numeros y letras (mayúsculas y minúsculas)) para invocar un /bin/sh, ELF x86
• [1Star][10y] [Assembly] skylined/w32-bind-ngs-shellcode Automatically exported from code.google.com/p/w32-bind-ngs-shellcode
• [0Star][2y] [Assembly] felixzhang00/shellcode_example
• [0Star][2y] [Py] orangepirate/cve-2018-9948-9958-exp a exp for cve-2018-9948/9958 , current shellcode called win-calc
• [0Star][5y] [C] quantumvm/forkshellcode Runs and executable and forks shellcode.
• [0Star][4y] [Makefile] sh3llc0d3r1337/slae32-polymorphic-shellcodes SLAE32 Assignment #6 - Polymorphic shellcodes
• [0Star][5y] [Py] wjlandryiii/shellcode my shellcode

Other

• [2425Star][2y] [Py] secretsquirrel/the-backdoor-factory Patch PE, ELF, Mach-O binaries with shellcode (NOT Supported)
• [2209Star][1m] [Py] trustedsec/unicorn Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
• [664Star][1y] [Rust] endgameinc/xori an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
• [470Star][3y] [Py] trustedsec/meterssh a way to take shellcode, inject it into memory then tunnel whatever port you want to over SSH to mask any type of communications as a normal SSH connection.
• [430Star][2m] [C] hasherezade/hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
• [225Star][1m] [PS] outflanknl/excel4-dcom PowerShell and Cobalt Strike scripts for lateral movement using Excel 4.0 / XLM macros via DCOM (direct shellcode injection in Excel.exe)

---

Post

Recent Add

• 2020.02 [3gstudent] 通过Mono(跨平台.NET运行环境)执行shellcode
• 2020.02 [3gstudent] 通过Boolang语言执行shellcode的利用分析
• 2019.12 [johnlatwc] Early Security Stories — Green Shellcode Contest
• 2019.11 [aliyun] shellcode 的艺术
• 2019.08 [osandamalith] Running Shellcode Directly in C
• 2019.08 [code610] ret2shellcode challenge
• 2019.08 [sentinelone] Malicious Input: How Hackers Use Shellcode
• 2019.07 [pcsxcetrasupport3] Those Pesky Powershell Shellcode’s And How To Understand Them
• 2019.07 [gironsec] A Shellcode Idea
• 2019.06 [gironsec] Expiring Shellcode update
• 2019.05 [X0x0FFB347] Solving MalwareTech Shellcode challenges with some radare2 magic!
• 2019.05 [osandamalith] Shellcode to Dump the Lsass Process
• 2019.03 [vkremez] Let's Learn: Dissecting Operation ShadowHammer Shellcode Internals in crt_ExitProcess
• 2019.03 [X0x0FFB347] A Trinity of Shellcode, AES & Go
• 2019.03 [BorjaMerino] One-Way Shellcode for firewall evasion using Out Of Band data
• 2019.03 [shelliscoming] One-Way Shellcode for firewall evasion using Out Of Band data
• 2019.03 [pcsxcetrasupport3] A look at a bmp file with embedded shellcode
• 2019.01 [fuzzysecurity] FreeFloat FTP (custom shellcode)
• 2019.01 [fuzzysecurity] Windows XP PRO SP3 - Full ROP calc shellcode
• 2019.01 [micropoor] Micropoor_shellcode for payload backdoor
• 2019.01 [ironcastle] Maldoc with Nonfunctional Shellcode, (Wed, Jan 2nd)
• 2019.01 [sans] Maldoc with Nonfunctional Shellcode
• 2018.11 [MalwareTech] Beginner Reversing #3 (Shellcode2 & Lab Overview)
• 2018.10 [MalwareTech] Beginner Reversing #2 (Shellcode1 & MEMZ Malware)
• 2018.10 [doyler] Custom Shellcode Crypter – SLAE Exam Assignment #7
• 2018.09 [doyler] Polymorphic Shellcode – SLAE Exam Assignment #6
• 2018.09 [malwarenailed] Reversing shellcode using blobrunner and Olly
• 2018.08 [secist] MMFML-powershell-shellcode
• 2018.08 [doyler] Shellcode Encoding – Random Bytewise XOR (SLAE Exam #4)
• 2018.08 [nightst0rm] Tản mạn về edit shellcode của metasploit
• 2018.08 [trendmicro] Use-after-free (UAF) Vulnerability CVE-2018-8373 in VBScript Engine Affects Internet Explorer to Run Shellcode
• 2018.08 [doyler] Egg Hunter Shellcode – SLAE Exam Assignment #3
• 2018.07 [doyler] Shell Reverse TCP Shellcode – SLAE Exam Assignment #2
• 2018.07 [doyler] Shell Bind TCP Shellcode – SLAE Exam Assignment #1
• 2018.06 [pediy] [原创]windows下shellcode提取模板的实现
• 2018.06 [doyler] Hello World Shellcode – Now for the fun part!
• 2018.06 [shelliscoming] Windows reuse shellcode based on socket's lifetime
• 2018.05 [aliyun] 溢出过程需要的shellcode测试
• 2018.05 [pentestingexperts] smap: Shellcode mapper
• 2018.05 [rapid7] Hiding Metasploit Shellcode to Evade Windows Defender
• 2018.04 [sploitspren] Linux x86 Polymorphic Shellcode
• 2018.04 [sploitspren] Linux x86 Polymorphic Shellcode
• 2018.04 [venus] Cisco ios shellcode: all-in-one译文
• 2018.04 [aliyun] Coding art in shellcode（3）
• 2018.04 [aliyun] Coding art in shellcode（2）
• 2018.04 [aliyun] Coding art in shellcode（1）
• 2018.02 [360] Windows(x86与x64) Shellcode技术研究
• 2018.01 [trackwatch] Improving custom shellcode detection
• 2017.12 [OALabs] Debugging shellcode using BlobRunner and IDA Pro
• 2017.11 [360] Egg Hunting：一个非常短的shellcode
• 2017.11 [modexp] Shellcode: A Tweetable Reverse Shell for x86 Windows
• 2017.11 [trackwatch] [CODEBREAKER] Présentation de la détection des shellcodes encodés sur GATEWATCHER sur Windows Server 2008 R2 (Version 2.X minimum)
• 2017.11 [mediaservice] A patch for PowerSploit’s Invoke-Shellcode.ps1
• 2017.10 [freebuf] 用TEB结构实现ShellCode的通用性
• 2017.10 [trackwatch] [CODEBREAKER] Présentation de la détection des shellcodes encodés sur GATEWATCHER sur Linux (Version 2.X minimum)
• 2017.10 [trackwatch] [CODEBREAKER] Présentation de la détection des shellcodes custom non encodés sur GATEWATCHER sur Windows XP (Version 2.5 minimum)
• 2017.09 [aliyun] Shellcode另类使用方式
• 2017.08 [360] HITB GSEC CTF Win Pwn解题全记录之babyshellcode
• 2017.08 [venus] HITB GSEC CTF Win Pwn 解题全记录之 babyshellcode
• 2017.08 [360] 通过Shellcode聚类识别定向攻击（APT）相关的恶意代码
• 2017.08 [vkremez] Let's Learn: Preparing Shellcode in NASM
• 2017.08 [4hou] 教你如何使用分组密码对shellcode中的windows api字符串进行加密
• 2017.07 [ColinHardy] Extract Shellcode from Fileless Malware like a Pro
• 2017.06 [modexp] Shellcode: The hunt for GetProcAddress
• 2017.06 [nsfocus] 手把手简易实现shellcode及详解
• 2017.06 [pediy] [翻译]Shellcode:x86优化 part 1
• 2017.06 [modexp] Shellcode: x86 optimizations part 1
• 2017.05 [secist] ShellCode入门（提取ShellCode）
• 2017.05 [secist] 任意程序添加ShellCode
• 2017.05 [abatchy] Linux/x86 - Disable ASLR Shellcode (71 bytes)
• 2017.04 [abatchy] Shellcode reduction tips (x86)
• 2017.03 [pediy] [原创][shellcode框架（一）] 认识shellcode，部署shellcode开放框架
• 2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 4）
• 2017.03 [improsec] Windows Kernel Shellcode on Windows 10 – Part 4 - There is No Code
• 2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 3）
• 2017.03 [360] 智能逃避IDS——RSA非对称多态SHELLCODE
• 2017.03 [4hou] Windows Shellcode学习笔记——Shellcode的提取与测试
• 2017.03 [improsec] Windows Kernel Shellcode on Windows 10 – Part 3
• 2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 2）
• 2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 1）
• 2017.03 [360] 反侦测的艺术part3：shellcode炼金术
• 2017.03 [4hou] Windows Shellcode学习笔记——栈溢出中对jmp esp的利用与优化
• 2017.03 [improsec] Windows Kernel Shellcode on Windows 10 – Part 2
• 2017.03 [4hou] Windows Shellcode学习笔记——shellcode在栈溢出中的利用与优化
• 2017.03 [3gstudent] Windows Shellcode学习笔记——栈溢出中对jmp esp的利用与优化
• 2017.03 [osandamalith] Shellcode to Scroll your Desktop Vertically and Horizontally
• 2017.03 [pediy] [原创]PE2Shellcode
• 2017.03 [3gstudent] Windows Shellcode学习笔记——栈溢出中对jmp esp的利用与优化
• 2017.02 [osandamalith] Shellcode to Scroll Your Desktop Horizontally
• 2017.02 [osandamalith] Shellcode to Invert Colors
• 2017.02 [improsec] Windows Kernel Shellcode on Windows 10 – Part 1
• 2017.02 [n0where] Shellcode Builder: Shell Factory
• 2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode在栈溢出中的利用与优化
• 2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode在栈溢出中的利用与优化
• 2017.02 [csyssec] X86 Shellcode代码混淆(一)
• 2017.02 [modexp] Shellcode: Dual Mode (x86 + amd64) Linux shellcode
• 2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode的提取与测试
• 2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode的提取与测试
• 2017.01 [modexp] Shellcode: Dual mode PIC for x86 (Reverse and Bind Shells for Windows)
• 2017.01 [modexp] Shellcode: Solaris x86
• 2017.01 [modexp] Shellcode: Mac OSX amd64
• 2017.01 [modexp] Shellcode: Resolving API addresses in memory
• 2017.01 [360] 远程漏洞利用：无需借助套接字的Shellcode
• 2016.12 [360] NC后门技术（shellcode版）
• 2016.12 [modexp] Shellcode: A Windows PIC using RSA-2048 key exchange, AES-256, SHA-3
• 2016.12 [360] 使用PLC作为payload/shellcode分发系统（含演示视频）
• 2016.12 [hexacorn] Shellcode. I’ll Call you back.
• 2016.12 [shelliscoming] Modbus Stager: Using PLCs as a payload/shellcode distribution system
• 2016.12 [venus] Shellcode Compiler - 一款易用的 Shellcode 编译工具
• 2016.11 [dist67] VBA Shellcode To Test EMET
• 2016.11 [sans] VBA Shellcode and EMET
• 2016.11 [msreverseengineering] Synesthesia: Modern Shellcode Synthesis (Ekoparty 2016 Talk)
• 2016.10 [360] 浅谈ASLR和Shellcode的那些事儿
• 2016.09 [dist67] Maldoc VBA: Shellcode
• 2016.09 [3gstudent] Study Notes Weekly No.2(Shellcode Via JScript & VBScript)
• 2016.09 [3gstudent] Study Notes Weekly No.2(Shellcode Via JScript & VBScript)
• 2016.08 [paloaltonetworks] VB Dropper and Shellcode for Hancitor Reveal New Techniques Behi
• 2016.08 [uaf] openCTF 2016 - tyro_shellcode2
• 2016.08 [uaf] openCTF 2016 - tyro_shellcode
• 2016.08 [osandamalith] Making your Shellcode Undetectable using .NET
• 2016.07 [sizzop] Kernel Hacking With HEVD Part 3 - The Shellcode
• 2016.06 [breakdev] X86 Shellcode Obfuscation - Part 3
• 2016.06 [paraschetal] Gracker level7 (Ghost in the Shellcode!)
• 2016.06 [mcafee] Threat Actors Employ COM Technology in Shellcode to Evade Detection
• 2016.06 [mcafee] Threat Actors Employ COM Technology in Shellcode to Evade Detection
• 2016.06 [modexp] Shellcode: Detection between Windows/Linux/BSD on x86 architecture
• 2016.05 [angelalonso] Malicious Excel documents with macros running shellcodes
• 2016.05 [hackingarticles] Hack Remote Windows 10 PC using Cypher (Adding Shellcode to PE files)
• 2016.05 [breakdev] X86 Shellcode Obfuscation - Part 2
• 2016.05 [breakdev] X86 Shellcode Obfuscation - Part 1
• 2016.04 [paraschetal] OWASP ZCR Shellcoder
• 2016.04 [modexp] Shellcode: FreeBSD / OpenBSD amd64
• 2016.03 [modexp] Shellcode: Linux amd64
• 2016.02 [ZeroNights] George Nosenko — Cisco IOS shellcode — all-in-one
• 2016.02 [freebuf] OWASP ZSC Shellcoder：定制个人专属Shellcode
• 2015.11 [pediy] [原创]我也发一个自己写的reverse_bind shellcode代码
• 2015.11 [autohacker] Android Shellcode Telnetd with Parameters
• 2015.09 [ly0n] Windows bind shell universal shellcode
• 2015.09 [ly0n] Windows bind shell universal shellcode
• 2015.09 [theevilbit] Creating OSX shellcodes
• 2015.09 [bigendiansmalls] Bind Shell – shellcode and source
• 2015.08 [ly0n] Windows reverse shell universal shellcode
• 2015.08 [ly0n] Windows reverse shell universal shellcode
• 2015.08 [ly0n] WinExec calc.exe universal shellcode
• 2015.08 [ly0n] WinExec calc.exe universal shellcode
• 2015.08 [n0where] OWASP ZeroDay Cyber Research Shellcoder
• 2015.07 [bigendiansmalls] Shellcode Freebie!
• 2015.07 [bigendiansmalls] Mainframe shellcode
• 2015.06 [sans] Detecting Shellcode Hidden in Malicious Files
• 2015.06 [tophertimzen] Shellcode Techniques in C++
• 2015.04 [govolution] Shifting from 32bit to 64bit Linux Shellcode
• 2015.04 [govolution] Dumping shellcode 64bit style
• 2015.04 [tophertimzen] Shellcode in .NET - How the PEB Changes
• 2015.03 [osandamalith] Running Shellcode in your Raspberry Pi
• 2014.12 [sans] Examining Shellcode in a Debugger through Control of the Instruction Pointer
• 2014.12 [zerosum0x0] x64 Egg-Hunter Shellcode Stager
• 2014.12 [zerosum0x0] x64 Linux Polymorphic execve() shellcode
• 2014.12 [zerosum0x0] x64 Shellcode One-Time Pad Crypter
• 2014.12 [zerosum0x0] x64 Linux Polymorphic forkbomb shellcode
• 2014.12 [zerosum0x0] x64 Linux Polymorphic read file shellcode
• 2014.12 [zerosum0x0] x64 Linux reverse TCP connect shellcode (75 to 83 bytes, 88 to 96 with password)
• 2014.12 [zerosum0x0] x64 Linux bind TCP port shellcode (80 bytes, 95 with password)
• 2014.12 [nebelwelt] Ghost in the Shellcode Teaser 2015: Lost To Time
• 2014.12 [tophertimzen] Windows x64 Shellcode
• 2014.11 [pediy] [原创]史上最小无需重定位的"格盘"ShellCode
• 2014.11 [sans] Guest Diary: Didier Stevens - Shellcode Detection with XORSearch
• 2014.10 [MarcusNiemietz] Svetlana Gaivoronski - Shellcode detection techniques
• 2014.09 [pediy] [原创]根据一个通用的shellcode 还原的一段汇编代码
• 2014.07 [govolution] Shellcode Binder for Windows 64 Bit
• 2014.07 [osandamalith] shutdown -h now Shellcode
• 2014.06 [osandamalith] Chmod 0777 Polymorphic Shellcode
• 2014.05 [parsiya] Pasting Shellcode in GDB using Python
• 2014.04 [skullsecurity] Ghost in the Shellcode: fuzzy (Pwnage 301)
• 2014.03 [] Two shellcodes and a bit of code
• 2014.03 [zairon] Obfuscated shellcode inside a malicious RTF document
• 2014.02 [freebuf] 用C语言进一步优化Windows Shellcode
• 2014.02 [rapid7] Shellcode Golf: Every Byte is Sacred
• 2014.02 [govolution] Shellcode for deleting a file
• 2014.01 [govolution] SLAE: Shellcode read and send file
• 2014.01 [skullsecurity] Ghost in the Shellcode: gitsmsg (Pwnage 299)
• 2014.01 [govolution] SLAE Assignment 6: Polymorphic Shellcode
• 2014.01 [skullsecurity] Ghost in the Shellcode: TI-1337 (Pwnable 100)
• 2014.01 [pediy] [原创]揭示《shellcoder's handbook》中一个函数的运行机制
• 2013.12 [pediy] [原创]shellcode 版的 hello world
• 2013.12 [anti] A Shellter for your shellcode…
• 2013.12 [pediy] [原创]旧书重温：0day2[5]shellcode变形记
• 2013.11 [infosec42] [Shellcode] MIPS Little Endian Reverse Shell Shellcode (Linux)
• 2013.08 [v0ids3curity] Stdin reopen & execve /bin/sh shellcode for Linux/x86_64
• 2013.07 [infosec42] [Shellcode] MIPS Little Endian system() Shellcode
• 2013.06 [pediy] [原创]分享用C语言写ShellCode的技术应用--拦截系统记事本工具的保存菜单
• 2013.06 [pediy] [原创]分享用C语言写ShellCode的实现源码
• 2013.06 [jumpespjump] One-liner to only get the shellcode from objdump
• 2013.04 [pediy] [原创]新人ShellCode小总结,附带一个讨论问题
• 2013.03 [techorganic] Binary to shellcode
• 2013.02 [v0ids3curity] Ghost In The Shellcode 2013 CTF - Pwnable 100 - Question 8 Shiftd [Team xbios]
• 2013.01 [pediy] [原创]MAsM ShellCode 宏框架使用手册 CHM
• 2012.11 [offensive] Fun with AIX Shellcode and Metasploit
• 2012.11 [cawanblog] Design and Implementation of Token Stealing Kernel Shellcode for Windows 8
• 2012.11 [cawanblog] How To Build A Kernel Shellcode Design and Testing Platform For Windows 8 By Using Windbg
• 2012.10 [pediy] [原创]ShellCodeToAscii
• 2012.08 [pediy] [原创] Shellcode In X64-3 Test Your Shellcode
• 2012.08 [pediy] [原创]Shellcode In X64-2Search Function using hash
• 2012.08 [pediy] [原创]Shellcode In X64-1Find Kernel32.dll
• 2012.08 [rsa] Network detection of x86 buffer overflow shellcode
• 2012.07 [magictong] ShellCode的调试方法和常见问题的解决方法
• 2012.05 [pediy] [原创] 也学构造字母shellcode
• 2012.05 [joxeankoret] Embedding a shellcode in a PE file
• 2012.03 [] 文件类漏洞ShellCode的查找
• 2012.03 [sans] Phishing with obfuscated javascript, shellcode and malware
• 2012.01 [] Linux/x86 Polymorphic ShellCode – setuid(0)+setgid(0)+add user ‘iph’ without password to /etc/passwd
• 2011.11 [pediy] [原创]我的第一次vc转shellcode历程
• 2011.10 [dist67] White Hat Shellcode Workshop: Enforcing Permanent DEP
• 2011.08 [pediy] [原创]OllyDgb下的shellcode提取插件
• 2011.06 [pediy] [求助]在shellcode中遇到疑惑的浮点指令
• 2011.04 [pediy] [原创]Dadong's JSXX 0.39 VIP所用shellcode调试
• 2011.03 [purehacking] The Shellcode Lab - Black Hat Training Course
• 2011.01 [travisgoodspeed] Generic CC1110 Sniffing, Shellcode, and iClickers
• 2010.12 [pediy] [原创]shellcode框架，纯属娱乐
• 2010.11 [e] Hiding Shellcode in Plain Sight
• 2010.09 [pediy] [原创]众里寻他千百度----文件类漏洞ShellCode的查找
• 2010.05 [pediy] [原创]纯字母shellcode揭秘
• 2010.04 [pediy] [原创]基于shellcode感染方式的组合病毒研究
• 2010.03 [skullsecurity] Weaponizing dnscat with shellcode and Metasploit
• 2009.06 [heelan] Morphing shellcode using CFGs and SAT
• 2009.05 [heelan] Not all shellcode locations are made equal
• 2009.03 [pediy] [分享]贴一个MessageBox的shellcode
• 2009.01 [pediy] [原创]改写前辈的shellcode（delphi版）
• 2008.12 [edge] Shellcode2Exe
• 2008.11 [pediy] [原创]汇编打造最简单的shellcode
• 2008.09 [pediy] [原创]ShellCode Locator for IDA 5.2
• 2008.07 [pediy] [翻譯]SHELLCODE 設計解密
• 2008.07 [pediy] [原创]32字节的退出进程Shellcode
• 2008.07 [pediy] [原创]word 漏洞利用shellcode代码反汇编
• 2008.06 [pediy] [作品提交]ShellCode辅助工具
• 2008.05 [pediy] [原创]快速高效的写shellcode
• 2008.02 [pediy] [原创]shellcode之小小琢磨
• 2007.08 [pediy] [原创]完全不懂shellcode解第二阶段第一题
• 2007.03 [pediy] 《The Shellcoder's handbook》第十九章_二进制审计：Hacking不公开源码的软件
• 2007.02 [pediy] 《The Shellcoder's handbook》第十八章_跟踪漏洞
• 2007.02 [pediy] [注意]《The Shellcoder's Handbook》中的笔误
• 2007.02 [pediy] 《The Shellcoder's handbook》第十七章_Instrumented Investigation:手工的方法
• 2007.02 [pediy] 《The Shellcoder's handbook》第十六章_源码审计：在C-Based 语言里寻找漏洞
• 2007.02 [pediy] 《The Shellcoder's handbook》第十五_Fuzzing的技巧
• 2007.01 [pediy] 《The Shellcoder's handbook》第十三章_建立工作环境
• 2007.01 [pediy] 《The Shellcoder's handbook》第十二章_破解HP Tru64 Unix
• 2007.01 [pediy] 《The Shellcoder's handbook》第十一章_高级 Solaris 破解
• 2007.01 [pediy] 《The Shellcoder's handbook》第十章_Solaris 破解入门
• 2006.12 [pediy] 《The Shellcoder's handbook》第九章_战胜过滤器
• 2006.12 [pediy] 《The Shellcoder's handbook》第八章_Windows 溢出
• 2006.12 [pediy] 来看看WINRAR溢出漏洞吧,写个SHELLCODE就可以捆绑程序[注意]
• 2006.12 [pediy] 《The Shellcoder's handbook》第七章_Windows Shellcode
• 2006.12 [pediy] 《The Shellcoder's handbook》翻译汇总及勘误
• 2006.12 [pediy] 《The Shellcoder's handbook》第六章_Windows的广阔原野
• 2006.11 [em386] Sysenter shellcode
• 2006.11 [pediy] 《The Shellcoder's handbook》第五章_堆溢出
• 2006.11 [pediy] 《The Shellcoder's handbook》第四章_格式化串漏洞
• 2006.11 [pediy] 《The Shellcoder's handbook》第三章_Shellcode
• 2006.10 [pediy] 《The Shellcoder's handbook》第二章_栈溢出
• 2006.10 [pediy] 《The Shellcoder's handbook》第一章_在开始之前
• 2006.10 [pediy] [原创]小议shellcoder
• 2006.04 [pediy] [原创]常用ShellCode Hash算法-Delphi内镶BASM
• 2005.01 [pediy] shellcode和我写的一个例子

Contribute

Contents auto exported by Our System, please raise Issue if you have any question.