The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Shellcode Open-Source Projects
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
bddisasm
bddisasm is a fast, lightweight, x86/x64 instruction decoder. The project also features a fast, basic, x86/x64 instruction emulator, designed specifically to detect shellcode-like behavior.
-
modernish
Modernish is a library for writing robust, portable, readable, and powerful programs for POSIX-based shells and utilities.
-
FunctionStomping
Shellcode injection technique. Given as C++ header, standalone Rust program or library.
-
ntqueueapcthreadex-ntdll-gadget-injection
This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.
-
peekaboo
Simple undetectable shellcode and code injector launcher example. Inspired by RTO malware development course.
-
ShellWasp
ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWasp 2.0 includes novel ways to invoke the syscall in WoW64.
-
DoubleStar
A personalized/enhanced re-creation of the Darkhotel "Double Star" APT exploit chain with a focus on Windows 8.1 and mixed with some of my own techniques (by forrest-orr)
-
Simple-Polymorphic-Engine-SPE32
Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data. It is an amateur project that can be used to demonstrate what polymorphic engines are.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
The Pwntools library stands out as a sophisticated toolset for CTF enthusiasts and security researchers. It aids in creating and executing shellcode, designing payloads, and interacting with remote processes. For instance, the context feature allows developers to switch between different architectures effortlessly, while the 'tube' module streamlines the communication between local and remote processes. And it's not just limited to Linux; the library has support for various platforms including Windows, making it versatile and comprehensive.
Finally, we also have the option to transform a native PE back to shellcode. This may be done, for example, via hasherezade's pe_to_shellcode tool.
Project mention: Theattacker-Crypter - Tool to evade Antivirus With Different Techniques | /r/CKsTechNews | 2023-05-18
Shellcode related posts
- GitHub - DavidBuchanan314/monomorph: MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash
- How realistic is it to inject malicious code into Compiler GCC or Clang without anyone noticing?
- monomorph: MD5-Monomorphic Shellcode Packer - Pack arbitrary shellcode into an executable that always has the same MD5 hash
- monomorph: MD5-Monomorphic Shellcode Packer - Pack arbitrary shellcode into an executable that always has the same MD5 hash
- monomorph: MD5-Monomorphic Shellcode Packer - Pack arbitrary shellcode into an executable that always has the same MD5 hash
- Show HN: Monomorph – pack any shellcode into a binary with a fixed MD5 hash
- Zeratool v2.2: Automatic Exploit Generation (AEG) with automated remote libc leaking and ret2dlresolve rop chain generation for exploitable CTF problems.
-
A note from our sponsor - WorkOS
workos.com | 25 Apr 2024
Index
What are some of the best open-source Shellcode projects? This list will help you:
Project | Stars | |
---|---|---|
1 | pwntools | 11,447 |
2 | pe_to_shellcode | 2,197 |
3 | shad0w | 1,981 |
4 | venom | 1,705 |
5 | amber | 1,116 |
6 | Zeratool | 1,087 |
7 | cemu | 908 |
8 | bddisasm | 838 |
9 | monomorph | 774 |
10 | modernish | 729 |
11 | FunctionStomping | 669 |
12 | DripLoader | 666 |
13 | Shoggoth | 563 |
14 | MicroBackdoor | 547 |
15 | owt | 427 |
16 | rust-windows-shellcode | 252 |
17 | ntqueueapcthreadex-ntdll-gadget-injection | 222 |
18 | peekaboo | 187 |
19 | ShellWasp | 150 |
20 | Theattacker-Crypter | 146 |
21 | DoubleStar | 144 |
22 | Simple-Polymorphic-Engine-SPE32 | 116 |
23 | LearnPwn | 93 |
Sponsored