所有收集类项目

Shellcode

Shellcode相关资源, 150+工具, 500+文章
English Version

开发&&编写
- shellen -> (1)工具 (2)文章
- 漏洞开发 -> (1)工具 (13)文章
- 编码&&解码 -> (9)工具 (14)文章
- (9) 工具
- (56) 文章
启动&&加载&&注入&&执行
- 注入 -> (13)工具 (34)文章
- 执行 -> (1)工具 (23)文章
- (22) 工具
- (6) 文章
生成 -> (16)工具 (24)文章
转换 -> (11)工具 (3)文章
分析
- 漏洞 ->
- (5) 工具
- (53) 文章
BypassXxx
- AV -> (5)工具 (9)文章
- (5) 工具
- (12) 文章
ARM -> (2)工具 (9)文章
其他
- 工具
- 文章
  - (262) 新添加

开发&&编写

shellen

工具

[706星][1y] [Py] merrychap/shellen 交互式Shellcode开发环境

文章

2018.03 [freebuf] Shellen：交互式shellcode开发环境
2018.02 [pediy] [翻译] Shellen-交互式shellcode开发环境

漏洞开发

工具

[8星][4y] [Py] sectool/python-shellcode-buffer-overflow Shellcode / Buffer Overflow

文章

2018.04 [pediy] [翻译]Windows漏洞利用开发 - 第4部分：使用跳转定位Shellcode
2017.09 [shogunlab] Zero Day Zen Garden: Windows Exploit Development - Part 3 [Egghunter to Locate Shellcode]
2017.08 [shogunlab] Zero Day Zen Garden: Windows Exploit Development - Part 2 [JMP to Locate Shellcode]
2017.05 [abatchy] Exploit Dev 101: Jumping to Shellcode
2016.06 [digitaloperatives] Exploiting Weak Shellcode Hashes to Thwart Module Discovery; or, Go Home, Malware, You’re Drunk!
2016.01 [pediy] [翻译]Windows Exploit开发系列教程第六部分：WIN32 shellcode编写
2016.01 [pediy] [翻译]exploit开发教程第六章-shellcode
2015.08 [ly0n] Avoiding badchars & small buffers with custom shellcode – OdinSecureFTPclient SEH exploit
2015.08 [ly0n] Avoiding badchars & small buffers with custom shellcode – OdinSecureFTPclient SEH exploit
2014.03 [beefproject] Exploiting with BeEF Bind shellcode
2014.01 [securitysift] Windows Exploit Development – Part 5: Locating Shellcode With Egghunting
2013.12 [securitysift] Windows Exploit Development – Part 4: Locating Shellcode With Jumps
2008.01 [pediy] [原创]exploit_me_A的shellcode构造与突破

编码&&解码

工具

[89星][4y] [Py] mothran/unicorn-decoder Simple shellcode decoder using unicorn-engine
[51星][1y] [Py] ecx86/shellcode_encoder x64 printable shellcode encoder
[45星][4y] [Py] eteissonniere/elidecode The tool to decode obfuscated shellcodes using the unicorn and capstone engine
[29星][2y] [Py] ihack4falafel/slink Alphanumeric Shellcode (x86) Encoder
[27星][7m] [Py] blacknbunny/encdecshellcode Shellcode Encrypter & Decrypter With XOR Cipher
[13星][1y] [Py] veritas501/ae64 basic amd64 alphanumeric shellcode encoder
[12星][2m] [Perl 6] anon6372098/faz-shc Faz-SHC is a program that can be encrypted the text you give to a Shellcode. Simple and coded with Perl. Coded by M.Fazri Nizar.
[2星][1y] [Makefile] sh3llc0d3r1337/slae32-custom-encoder SLAE32 Assignment #4 - Custom Shellcode
[0星][10m] pcsxcetra/equationeditorshellcodedecoder Tool to decode the encoded Shellcode of this type found in office documents

文章

2019.11 [rapid7] Metasploit Shellcode Grows Up: Encrypted and Authenticated C Shells
2019.11 [aliyun] Shellcode编码技术
2019.05 [pcsxcetrasupport3] A deeper look at Equation Editor CVE-2017-11882 with encoded Shellcode
2019.03 [cybersecpolitics] The Lost Art of Shellcode Encoder/Decoders
2018.07 [doyler] 编写 Shellcode XOR 编码/解码器, 躲避AV检测
2017.08 [360] SLAE：如何开发自定义的RBIX Shellcode编码解码器
2015.07 [bigendiansmalls] Building shellcode, egghunters and decoders.
2015.03 [freebuf] Huffy：哈夫曼编码的shellcode
2015.02 [skullsecurity] GitS 2015: Huffy (huffman-encoded shellcode)
2014.12 [zerosum0x0] x64 Shellcode Byte-Rotate Encoder
2014.04 [volatility] Building a Decoder for the CVE-2014-0502 Shellcode
2012.08 [debasish] Experiment With Run Time Encryption/Decryption of Win32 ShellCodes
2012.05 [pediy] [原创]shellcode xor编码/解码
2008.08 [pediy] [原创]shellcode的一种ascii编码方法

工具

[513星][3y] [Py] reyammer/shellnoob Shellcode编写工具包
[189星][1y] [Py] thesecondsun/shellab Shellcode开发/丰富工具，支持Windows/Linux
[184星][8m] [C++] jackullrich/shellcodestdio 辅助编写Windows平台的位置无关Shellcode，支持x86/x64
[115星][4y] [C++] lcatro/vuln_javascript 模拟一个存在漏洞的JavaScript 运行环境,用来学习浏览器漏洞原理和练习如何编写Shellcode
[95星][2y] [Py] invictus1306/workshop-bsidesmunich2018 ARM shellcode and exploit development - BSidesMunich 2018
[75星][6m] [C++] shellvm/shellvm A collection of LLVM transform and analysis passes to write shellcode in regular C
[15星][4y] [Assembly] novicelive/shellcoding Introduce you to shellcode development.
[6星][3y] [Java] jlxip/shellcode-ide An IDE for creating shellcodes.
[3星][2y] [C] wanttobeno/study_shellcode windows平台下功能性shellcode的编写

文章

2020.01 [aliyun] shellcode编写过程总结
2019.06 [nytrosecurity] Writing shellcodes for Windows x64
2019.04 [4hou] Windows x86 Shellcode开发：寻找Kernel32.dll地址
2019.02 [X0x0FFB347] Writing a Custom Shellcode Encoder
2019.02 [aliyun] 用ARM编写shellcode
2019.01 [fuzzysecurity] Writing shellcode to binary files
2019.01 [fuzzysecurity] Part 6: Writing W32 shellcode
2019.01 [freebuf] 过年不屯点干货吗，Windows平台高效Shellcode编程技术实战｜精品公开课
2019.01 [ly0n] [BOOK] Shellcode writting in Windows environments
2019.01 [ly0n] [BOOK] Shellcode writting in Windows environments
2018.11 [4hou] FreeBSD上编写x86 Shellcode初学者指南
2018.08 [pediy] [原创]《0day安全...（第二版）》第3章第4节开发通用的shellcode在win10系统下测试的问题
2018.08 [360] 路由器漏洞复现终极奥义——基于MIPS的shellcode编写
2018.07 [pediy] [翻译]二进制漏洞利用（一）编写ARMshellcode&理解系统函数
2018.03 [aliyun] Windows下Shellcode编写详解
2018.02 [freebuf] Sickle：推荐一款优质ShellCode开发工具
2018.02 [aliyun] Linux下shellcode的编写
2017.09 [secist] 我的shellcode编写之路 |MSF| Shellcode | kali linux 2017
2017.06 [360] Shellcode编程之特征搜索定位GetProcAddress
2017.06 [skullsecurity] 解决 CTF "b-64-b-tuff"：手动编写 base64 解码器及 alphanumeric shellcode
2017.05 [360] Windows x64 shellcode编写指南
2017.05 [freebuf] 如何编写高质量的Windows Shellcode
2017.05 [pediy] [翻译]Windows平台下的Shellcode代码优化编写指引
2017.03 [4hou] HEVD 内核攻击: 编写Shellcode（三）
2017.01 [360] shellcode编程：在内存中解析API地址
2016.06 [paraschetal] Writing your own shellcode.
2016.02 [freebuf] Windows平台shellcode开发入门（三）
2016.02 [securitycafe] Introduction to Windows shellcode development – Part 3
2016.01 [freebuf] Windows平台shellcode开发入门（二）
2016.01 [freebuf] Windows平台shellcode开发入门（一）
2016.01 [securitygossip] When Every Byte Counts – Writing Minimal Length Shellcodes
2016.01 [sjtu] When Every Byte Counts – Writing Minimal Length Shellcodes
2015.12 [securitycafe] Introduction to Windows shellcode development – Part 2
2015.10 [securitycafe] Introduction to Windows shellcode development – Part 1
2015.02 [freebuf] Windows平台下高级Shellcode编程技术
2015.02 [pediy] [原创]windows平台下的高级shellcode编程技术
2015.02 [topsec] windows平台下高级shellcode编程技术
2014.08 [pediy] [原创]Masm宏框架简单编写复杂的ShellCode
2014.07 [] 使用C编写shellcode
2013.12 [pediy] [原创]编写二进制的shellcode
2013.06 [pediy] [原创]PE感染&ShellCode编写技术补充
2013.05 [toolswatch] ShellNoob v1.0 – Shellcode Writing Toolkit
2013.04 [reyammer] ShellNoob 1.0 - a shellcode writing toolkit
2012.09 [pediy] [原创]Android系统shellcode编写
2012.06 [] shellcode的编写与关键
2011.06 [pediy] [原创]MASM之ShellCode框架编写[合并帖]
2010.10 [pediy] [原创]Win 7下定位kernel32.dll基址及shellcode编写
2010.09 [pediy] [翻译]Exploit 编写系列教程第九篇Win32 Shellcode编写入门
2010.05 [elearnsecurity] Writing OS Independent Shellcode
2010.03 [pediy] [原创]Writing JIT-Spray Shellcode for fun and profit - CHS[更新完整版]
2010.01 [pediy] [原创]编写反连ShellCode遇到的难点并解决之总结
2009.11 [pediy] [翻译]Exploit编写系列教程第二篇: 栈溢出——跳至shellcode
2009.07 [corelan] Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode
2009.01 [pediy] [翻译]写一段小型溢出代码（译自：Writing Small Shellcode）
2008.01 [pediy] [原创]ShellCode编写之hash式函数调用及相关
2006.07 [pediy] [原创]VC8编写ShellCode以及辅助工具

启动&&加载&&注入&&执行

注入

工具

[126星][2y] [C++] gpoulios/ropinjector Patching ROP-encoded shellcodes into PEs
[108星][1m] [C++] josh0xa/threadboat uses Thread Execution Hijacking to Inject Native Shellcode into a Standard Win32 Application
[85星][3y] [C] countercept/doublepulsar-usermode-injector 使用 DOUBLEPULSAR payload 用户模式的 Shellcode 向其他进程注入任意 DLL
[63星][8y] [Py] sensepost/anapickle Toolset for writing shellcode in Python's Pickle language and for manipulating pickles to inject shellcode.
[60星][2m] [Py] psychomario/pyinject A python module to help inject shellcode/DLLs into windows processes
[43星][5y] [Py] borjamerino/tlsinjector Python script to inject and run shellcodes through TLS callbacks
[27星][2y] [Py] taroballzchen/shecodject shecodject is a autoscript for shellcode injection by Python3 programing
[20星][3m] [Go] binject/shellcode Shellcode library as a Go package
[19星][5y] [C] jorik041/cymothoa Cymothoa is a backdooring tool, that inject backdoor's shellcode directly into running applications. Stealth and lightweight...
[16星][3y] [PLpgSQL] michaelburge/redshift-shellcode Example of injecting x64 shellcode into Amazon Redshift
[14星][2y] chango77747/shellcodeinjector_msbuild
[10星][1y] [C++] egebalci/injector Simple shellcode injector.
[8星][2y] [C++] xiaobo93/unmodule_shellcode_inject 无模块注入工程 VS2008

文章

2019.12 [aliyun] 手工shellcode注入PE文件
2019.11 [4hou] 代码注入技术之Shellcode注入
2019.11 [ColinHardy] Excel 4.0 Macros Analysis - Cobalt Strike Shellcode Injection
2019.09 [freebuf] 在遇到shellcode注入进程时所使用的调试技
2019.08 [4hou] 远程进程shellcode注入调试技巧
2019.06 [360] Arm平台Ptrace注入shellcode技术
2018.10 [pediy] [原创]代替创建用户线程使用ShellCode注入DLL的小技巧
2018.09 [pediy] [分享]绝对牛逼哄哄的shellcode内存注入,支持64,32,远程内存注入,支持VMP壳最大强度保护
2018.08 [freebuf] sRDI：一款通过Shellcode实现反射型DLL注入的强大工具
2018.05 [cobaltstrike] PowerShell Shellcode Injection on Win 10 (v1803)
2017.12 [pentesttoolz] Shecodject – Autoscript for Shellcode Injection
2017.12 [MalwareAnalysisForHedgehogs] Malware Analysis - ROKRAT Unpacking from Injected Shellcode
2017.11 [freebuf] Metasploit自动化Bypass Av脚本：Shecodject X Shellcode Injection
2017.10 [pediy] [原创]通过Wannacry分析内核shellcode注入dll技术
2017.08 [silentbreaksecurity] sRDI – Shellcode Reflective DLL Injection
2015.12 [dhavalkapil] Shellcode Injection
2015.12 [n0where] Dynamic Shellcode Injection: Shellter
2015.10 [freebuf] Kali Shellter 5.1：动态ShellCode注入工具绕过安全软件
2015.08 [christophertruncer] Injecting Shellcode into a Remote Process with Python
2015.08 [pediy] [原创]纯C++编写Win32/X64通用Shellcode注入csrss进程.
2015.07 [BsidesLisbon] BSidesLisbon2015 - Shellter - A dynamic shellcode injector - Kyriakos Economou
2015.06 [freebuf] 动态Shellcode注入工具 – Shellter
2015.06 [shelliscoming] TLS Injector: running shellcodes through TLS callbacks
2014.08 [toolswatch] Shellter v1.7 A Dynamic ShellCode Injector – Released
2014.06 [toolswatch] [New Tool] Shellter v1.0 A Dynamic ShellCode Injector – Released
2013.06 [debasish] Injecting Shellcode into a Portable Executable(PE) using Python
2013.05 [trustedsec] Native PowerShell x86 Shellcode Injection on 64-bit Platforms
2013.05 [pediy] [原创]内核ShellCode注入的一种方法
2012.10 [hackingarticles] Cymothoa – Runtime shellcode injection Backdoors
2012.09 [hackingarticles] PyInjector Shellcode Injection attack on Remote PC using Social Engineering Toolkit
2012.08 [trustedsec] New tool PyInjector Released – Python Shellcode Injection
2011.07 [firebitsbr] Syringe utility provides ability to inject shellcode into processes
2007.01 [pediy] 《The Shellcoder's handbook》第十四章_故障注入
2006.02 [pediy] [原创]ShellCode的另外一种玩法(远程线程注入ShellCode)

执行

工具

[77星][2m] [C] dimopouloselias/simpleshellcodeinjector receives as an argument a shellcode in hex and executes it

文章

2019.09 [4hou] Windows shellcode执行技术入门指南
2019.07 [contextis] A Beginner’s Guide to Windows Shellcode Execution Techniques
2019.03 [countercept] Dynamic Shellcode Execution
2019.03 [countercept] Dynamic Shellcode Execution
2019.01 [t00ls] 投稿文章：Bypass Applocker + 免杀执行任意 shellcode [ csc + installUtil ]
2017.09 [] ShellCode执行代码iptables -P INPUT ACCEPT
2017.04 [osandamalith] 使Windows Loader直接执行ShellCode，IDA载入文件时崩溃，而且绕过大多数杀软。
2017.01 [360] 利用原生Windows函数执行shellcode
2016.12 [evi1cg] Office Shellcode Execution
2016.10 [qq] 宏病毒利用EnumDateFormats执行Shellcode创建傀进程绕杀软
2016.08 [360] CallWindowProc被宏病毒利用来执行Shellcode
2016.06 [modexp] Shellcode: Execute command for x32/x64 Linux / Windows / BSD
2016.03 [modexp] Shellcodes: Executing Windows and Linux Shellcodes
2015.08 [doyler] Executing Shellcode with Python
2014.11 [BSidesCHS] BSidesCHS 2013 - Session 02 - Java Shellcode Execution
2014.07 [pediy] [原创]从内核在WOW64进程中执行用户态shellcode
2014.03 [sevagas] Hide meterpreter shellcode in executable
2013.08 [freebuf] 利用vbs优雅的执行shellcode
2013.02 [y0nd13] HunnyBunny: Execute any shellcode on the
2012.04 [debasish] Execute ShellCode Using Python
2010.12 [riusksk] Shellcode分段执行技术原理
2009.02 [pediy] [原创]从执行流程看shellcode（一）[附源代码]
2008.12 [pediy] [求助]第五章的通用shellcode在password.txt中始终无法正常执行令我好生头痛

工具

[353星][6y] [C] inquisb/shellcodeexec 在内存中执行opcode序列
[258星][1m] [C++] clinicallyinane/shellcode_launcher Shellcode launcher utility
[235星][4y] [Py] pyana/pyana 使用Unicorn框架模拟执行Shellcode(Windows)
[229星][2m] [Go] brimstone/go-shellcode Load shellcode into a new process
[153星][9m] [Assembly] peterferrie/win-exec-calc-shellcode 执行calc.exe的Shellcode (x86/x64, 所有版本/SPs)
[148星][6m] [Pascal] coldzer0/cmulator ( x86 - x64 ) Scriptable Reverse Engineering Sandbox Emulator for shellcode and PE binaries . Based on Unicorn & Zydis Engine & javascript
[129星][3y] [PS] arno0x/dnsdelivery delivery and in memory execution of shellcode or .Net assembly using DNS requests delivery channel.
[122星][3y] [C#] zerosum0x0/runshellcode .NET GUI program that runs shellcode
[97星][6m] [PS] rvrsh3ll/cplresourcerunner Run shellcode from resource
[91星][11m] [C] fireeye/flare-kscldr 内核中加载Shellcode: 实例、方法与工具
[73星][6y] enigma0x3/powershell-payload-excel-delivery Uses Invoke-Shellcode to execute a payload and persist on the system.
[64星][1y] [C] emptymonkey/drinkme 从 stdin 读取 ShellCode 并执行。用于部署 ShellCode 之前测试
[57星][3y] [C] zerosum0x0/shellcodedriver Windows driver to execute arbitrary usermode code (essentially same vulnerability as capcom.sys)
[55星][2y] [C++] sisoma2/shellcodeloader Small tool to load shellcodes or PEs to analyze them
[42星][1y] [C++] userexistserror/dllloadershellcode Shellcode to load an appended Dll
[34星][3y] [Py] n1nj4sec/pymemimporter import pyd or execute PE all from memory using only pure python code and some shellcode tricks
[26星][3y] [Ruby] eik00d/reverse_dns_shellcode Revrese DNS payload for Metasploit: Download Exec x86 shellcode. Also DNS Handler and VBS bot (alsow working over DNS) as PoC included.
[23星][1m] [Py] thomaskeck/pyshellcode Execute ShellCode / "Inline-Assembler" in Python
[18星][3y] [Py] 0xyg3n/mem64 Run Any Native PE file as a memory ONLY Payload , most likely as a shellcode using hta attack vector which interacts with Powershell.
[15星][3y] [C++] naxalpha/shellcode-loader Shellcode Loader Engine for Windows
[4星][2y] [C] samvartaka/triton_analysis Analysis of the TRITON/TRISIS/HatMan multi-stage PowerPC shellcode payload
[2星][3m] [C] brimstone/shellload Load shellcode into a new process, optionally under a false name.

文章

2018.04 [4hou] 一个可以动态分析恶意软件的工具——Kernel Shellcode Loader
2018.04 [fireeye] 内核中加载Shellcode: 实例、方法与工具
2017.06 [pediy] [翻译]Windows内核ShellCode的动态加载和调试
2017.04 [360] 如何从猫咪图片中加载运行shellcode
2017.02 [modexp] Shellcode: Fido and how it resolves GetProcAddress and LoadLibraryA
2014.02 [govolution] Writing a download and exec shellcode

生成

工具

[693星][1m] [C] thewover/donut 生成位置无关的shellcode（x86，x64或AMD64 + x86），该shellcode从内存中加载.NET程序集、PE文件和其他Windows有效负载，并使用参数运行它们
[582星][2m] [Shell] r00t-3xp10it/venom shellcode 生成器、编译器、处理器(metasploit)
[552星][8m] [C++] nytrorst/shellcodecompiler 将C/C ++样式代码编译成一个小的、与位置无关且无NULL的Shellcode，用于Windows（x86和x64）和Linux（x86和x64）
[493星][1m] [Py] zdresearch/owasp-zsc Shellcode/混淆代码生成器
[90星][3y] [C++] gdelugre/shell-factory C++-based shellcode builder
[88星][2m] [Py] alexpark07/armscgen ARM Shellcode Generator
[80星][3y] [Py] hatriot/shellme simple shellcode generator
[63星][5y] [Py] veil-framework/veil-ordnance Veil-Ordnance is a tool designed to quickly generate MSF stager shellcode
[40星][3y] [Py] karttoon/trigen Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.
[37星][3y] [C++] 3gstudent/shellcode-generater No inline asm,support x86/x64
[33星][2y] [HTML] rh0dev/shellcode2asmjs Automatically generate ASM.JS JIT-Spray payloads
[13星][4y] zdresearch/zcr-shellcoder-archive ZeroDay Cyber Research - ZCR Shellcoder Archive - z3r0d4y.com Shellcode Generator
[13星][1m] [C++] hoodoer/enneos Evolutionary Neural Network Encoder of Shenanigans. Obfuscating shellcode with an encoder that uses genetic algorithms to evolve neural networks to contain and output the shellcode on demand.
[10星][2m] [C#] clonemerge/shellgen Dynamic and extensible shell code generator with multiple output types which can be formatted in binary, hexadecimal, and the typical shellcode output standard.
[4星][2y] [Shell] thepisode/linux-shellcode-generator Experiments on Linux Assembly shellcodes injection
[1星][4m] [Py] ins1gn1a/woollymammoth Toolkit for manual buffer exploitation, which features a basic network socket fuzzer, offset pattern generator and detector, bad character identifier, shellcode carver, and a vanilla EIP exploiter

文章

2019.07 [aliyun] 生成可打印的shellcode
2019.07 [4hou] Shellcode生成工具Donut测试分析
2019.06 [3gstudent] Shellcode生成工具Donut测试分析
2018.12 [HackerSploit] Generating Shellcode With Msfvenom
2018.10 [pediy] [原创] 抛砖引玉之gcc生成可可携带字符串的shellcode
2018.06 [doyler] Execve Shellcode – Includes Arguments and Generator!
2018.03 [pediy] [原创]简陋的小工具:DWORD数组形式拷贝shellcode内容;裸函数生成
2018.02 [pentesttoolz] VENOM 1.0.15 – Metasploit Shellcode Generator/Compiler/Listener
2017.08 [zerosum0x0] 在线版混淆字符串/Shellcode 生成器
2017.07 [pediy] [原创]开源ShellCode生成引擎
2017.07 [msreverseengineering] SynesthesiaYS 介绍
2017.05 [abatchy] ROT-N Shellcode Encoder/Generator (Linux x86)
2017.04 [360] 生成自己的Alphanumeric/Printable shellcode
2017.02 [4hou] Windows Shellcode学习笔记——通过VisualStudio生成shellcode
2017.01 [christophertruncer] Shellcode Generation, Manipulation, and Injection in Python 3
2017.01 [3gstudent] Windows Shellcode学习笔记——通过VisualStudio生成shellcode
2017.01 [3gstudent] Windows Shellcode学习笔记——通过VisualStudio生成shellcode
2016.02 [hackingarticles] Exploitation of Windows PC using Venom: Shellcode Generator
2016.02 [freebuf] 工具推荐：Shellsploit，ShellCode生成器
2016.01 [n0where] Shellcode Generator: Venom
2015.02 [govolution] Null Free Windows WinExec Shellcode & Tool for generating Payload
2014.04 [securityblog] How to generate shellcode from custom exe in metasploit
2012.05 [freebuf] phpcodegen-library[php生成shellcode函数库]
2007.11 [pediy] [原创]生成一个关于URLDownloadToFile的shellcode机器码

转换

工具

[635星][4m] [PS] monoxgas/srdi Shellcode实现的反射DLL注入。将DLL转换为位置无关的Shellcode
[407星][3m] [Assembly] hasherezade/pe_to_shellcode 将PE文件转换为Shellcode
[79星][2y] [Py] blacknbunny/shellcode2assembly
[49星][8m] [C] w1nds/dll2shellcode dll转shellcode工具
[34星][5y] [C++] 5loyd/makecode Dll Convert to Shellcode.
[18星][3y] [Py] after1990s/pe2shellcode pe2shellcode
[12星][1m] [Py] davinci13/exe2shell Converts exe to shellcode.
[10星][3y] [Perl] gnebbia/shellcoder Create shellcode from executable or assembly code
[5星][10m] [C++] giantbranch/convert-c-javascript-shellcode C与javascript格式的shellcode相互转换小工具
[2星][7y] [C] hamza-megahed/binary2shellcode binary to shellcode converter
[0星][6y] [Py] yatebyalubaluniyat/rawshellcode2exe converts raw shellcode to exe

文章

2017.11 [pediy] [原创]【Python】使用Python将Shellcode转换成汇编
2017.11 [freebuf] 如何把shellcode转换成exe文件分析
2015.12 [hexacorn] Converting Shellcode to Portable Executable (32- and 64- bit)

分析

漏洞

工具

[203星][2y] [Py] rootlabs/smap Handy tool for shellcode analysis
[166星][2y] [C] oalabs/blobrunner Quickly debug shellcode extracted during malware analysis
[39星][4y] [Py] dungtv543/dutas Analysis PE file or Shellcode
[38星][5y] [C++] adamkramer/jmp2it Transfer EIP control to shellcode during malware analysis investigation
[11星][5y] [Py] debasishm89/qhook qHooK is very simple python script (dependent on pydbg) which hooks user defined Win32 APIs in any process and monitor then while process is running and at last prepare a CSV report with various interesting information which can help reverse engineer to track down / analyse unknown exploit samples / shellcode.

文章

2019.10 [sentinelone] Building A Custom Tool For Shellcode Analysis
2019.04 [freebuf] Xori：一款针对PE32和Shellcode的自动化反编译与静态分析库
2019.03 [sans] "VelvetSweatshop" Maldocs: Shellcode Analysis
2019.01 [360] 对某HWP漏洞样本的shellcode分析
2018.10 [MSbluehat] BlueHat v18 || Linear time shellcode detection using state machines and operand analysis on the runtime
2018.09 [ironcastle] Analyzing Encoded Shellcode with scdbg, (Mon, Sep 24th)
2018.09 [sans] Analyzing Encoded Shellcode with scdbg
2018.09 [dist67] Using scdbg to analyze shellcode
2018.09 [ironcastle] Video: Using scdbg to analyze shellcode, (Sat, Sep 8th)
2018.09 [sans] Another quickie: Using scdbg to analyze shellcode
2018.08 [doyler] Metasploit Shellcode Analysis – read_file via ndisasm (SLAE Exam #5.1)
2018.06 [nao] Analyzing Shellcode of GrandSoft's CVE-2018-8174
2018.05 [pediy] [原创]od逆向分析栈溢出shellcode
2018.02 [sans] Analyzing compressed shellcode
2017.07 [360] EternalBlue Shellcode详细分析
2017.05 [360] NSA武器库：DoublePulsar初始SMB后门shellcode分析
2017.04 [zerosum0x0] NSA武器库：DoublePulsar初始SMB后门shellcode分析
2017.03 [cysinfo] Episode 3 – Shellcode Analysis with APITracker
2016.12 [360] 恶意文档分析：从宏指令到Shellcode
2016.11 [dist67] Hancitor Maldoc: Shellcode Dynamic Analysis
2016.02 [miasm] Dynamic shellcode analysis
2016.01 [freebuf] Shellcode分析工具PyAna
2015.07 [tencent] Hacking Team Mac OSX 64位 Shellcode 技术分析
2015.07 [riusksk] Hacking Team 武器库研究（五）：Mac OSX 64位 Shellcode 技术分析
2015.06 [pediy] [原创]格盘的shellcode分析
2015.02 [pediy] [原创]解析coff文件之提取shellcode代码
2015.01 [checkpoint] Diving into a Silverlight Exploit and Shellcode – Analysis and Techniques | Check Point Software Blog
2014.12 [sans] Analyzing Shellcode Extracted from Malicious RTF Documents
2014.12 [jowto] 某EXCEL漏洞样本shellcode分析
2014.12 [thembits] RIG Exploit Kit - Shellcode analysis
2014.09 [radare] Adventures with Radare2 #1: A Simple Shellcode Analysis
2014.09 [radare] Adventures with Radare2 #1: A Simple Shellcode Analysis
2014.07 [pediy] [原创]一段 shellcode 代码的分析
2014.01 [govolution] SLAE Assignment 5: Shellcode Analysis
2011.11 [pediy] [原创]简单Shellcode的详细分析
2011.09 [beistlab] 한글 제로데이 쉘코드 간략 분석 (Quick analyzing HanGul 0day shellcode)
2011.03 [pediy] [原创]POC分析助手-ShellcodeDumper
2011.03 [pediy] [原创]一个word溢出样本的shellcode分析
2010.09 [pediy] [原创]CVE-2006-2389漏洞shellcode解析
2010.09 [pediy] [原创]CVE-2010-1297漏洞shellcode简析
2010.06 [forcepoint] Crypto-Analysis in Shellcode Detection
2010.01 [hexblog] PDF file loader to extract and analyse shellcode
2009.10 [pediy] [原创]windows下的shellcode剖析浅谈
2009.06 [microsoft] Shellcode Analysis via MSEC Debugger Extensions
2009.03 [alienvault] Ossim: Shellcode Detection and Analysis
2008.10 [pediy] [原创]一个word溢出样本ShellCode的分析
2008.09 [sans] Static analysis of Shellcode - Part 2
2008.09 [sans] Static analysis of Shellcode
2008.06 [pediy] [原创]flash漏洞所用shellcode的分析
2007.12 [pediy] [技术专题]软件漏洞分析入门_6_初级shellcode_定位缓冲区
2007.06 [pediy] [原创]一份shellcode的详细分析
2007.04 [msreverseengineering] Shellcode Analysis
2006.11 [pediy] [原创]用softice对doc捆绑木马或exe文件的程序的shellcode分析

BypassXxx

AV

工具

[322星][1m] [C#] hackplayers/salsa-tools ShellReverse TCP/UDP/ICMP/DNS/SSL/BINDTCP/Shellcode/SILENTTRINITY and AV bypass, AMSI patched
[195星][1y] [Py] mr-un1k0d3r/unibyav a simple obfuscator that take raw shellcode and generate executable that are Anti-Virus friendly.
[177星][3y] [Py] arno0x/shellcodewrapper 支持多种语言的Shellcode包装器，支持编码/加密。可用于绕过杀软
[84星][2y] [C] hvqzao/foolavc foolav successor - loads DLL, executable or shellcode into memory and runs it effectively bypassing AV
[78星][1m] [Py] k8gege/scrun BypassAV ShellCode Loader (Cobaltstrike/Metasploit)

文章

2020.03 [freebuf] 远控免杀从入门到实践（8）-shellcode免杀实践
2020.02 [aliyun] 那些shellcode免杀总结
2019.12 [aliyun] shellcode加密过杀软
2019.05 [4hou] 绕过杀软：通过网络接收ShellCode的无文件攻击方式与检测方法
2017.08 [modexp] 使用名为 Maru 的哈希函数创建permutable API hash，逃避杀软检测
2017.03 [4hou] 免杀的艺术：史上最全的汇编Shellcode的技巧（三）
2017.03 [pentest] 反检测的艺术（Part 3：Shellcode Alchemy）
2015.09 [] 使用shellcode打造MSF免杀payload
2013.08 [] encode msf shellcode绕过杀毒

工具

[262星][2y] [Py] cryptolok/morphaes 多态shellcode引擎，具有变态特性并能够绕过沙箱，绕过IDPS检测
[226星][7m] [Py] infosecn1nja/maliciousmacromsbuild 生成恶意宏，通过MSBuild执行PowerShell或Shellcode，绕过白名单
[159星][3m] [Py] rvn0xsy/cooolis-ms Cooolis-ms is a server that supports the Metasploit Framework RPC. It is used to work with the Shellcode and PE loader. To some extent, it bypasses the static killing of anti-virus software, and allows the Cooolis-ms server to communicate with the Metasploit server. Separation.
[154星][2m] [C#] fireeye/duedlligence Shellcode runner for all application whitelisting bypasses
[3星][2y] [Py] manojcode/foxit-reader-rce-with-virualalloc-and-shellcode-for-cve-2018-9948-and-cve-2018-9958 Foxit Reader version 9.0.1.1049 Use After Free with ASLR and DEP bypass on heap

文章

2019.11 [freebuf] 红蓝对抗之如何利用Shellcode来躲避安全检测
2019.03 [360] 如何利用OOB数据绕过防火墙对shellcode的拦截
2018.07 [pediy] [翻译]English Shellcode - 散文化Shellcode - 绕过对有效载荷的静态检测的思路
2017.08 [pediy] [原创][原创]给shellcode找块福地－通过VDSO绕过PXN
2017.04 [4hou] Windows Shellcode学习笔记——利用VirtualAlloc绕过DEP
2017.03 [4hou] Windows Shellcode学习笔记——通过VirtualProtect绕过DEP
2017.03 [3gstudent] Windows Shellcode学习笔记——利用VirtualAlloc绕过DEP
2017.03 [3gstudent] Windows Shellcode学习笔记——利用VirtualAlloc绕过DEP
2017.03 [3gstudent] Windows Shellcode学习笔记——通过VirtualProtect绕过DEP
2017.03 [3gstudent] Windows Shellcode学习笔记——通过VirtualProtect绕过DEP
2012.08 [pediy] [原创]一种反检测的Shellcode GetPC方法Flush GetPC
2011.12 [greyhathacker] Bypassing EMET’s EAF with custom shellcode using kernel pointer

ARM

工具

[180星][3m] [C] odzhan/shellcode 针对Windows/Linux/BSD的Shellcode
[41星][1y] [Assembly] therealsaumil/arm_shellcode Make ARM Shellcode Great Again

文章

2019.06 [hitbsecconf] #HITB2019AMS D1T1 - Make ARM Shellcode Great Again - Saumil Shah
2019.04 [X0x0FFB347] Shellcode for IoT: A Password-Protected Reverse Shell (Linux/ARM)
2019.02 [senr] Why is My Perfectly Good Shellcode Not Working?: Cache Coherency on MIPS and ARM
2018.10 [Cooper] Hack.lu 2018: Make ARM Shellcode Great Again - Saumil Udayan Shah
2018.02 [modexp] ARM 汇编初学者指南
2017.09 [modexp] Shellcode: Linux ARM (AArch64)
2017.09 [modexp] Shellcode: Linux ARM Thumb mode
2016.08 [arxiv] [1608.03415] ARMv8 Shellcodes from 'A' to 'Z'
2015.07 [osandamalith] Getting Shellcode from ARM Binaries

其他

工具

收集

[981星][1m] [Py] nullsecuritynet/tools 收集：安全工具、Exp、PoC、Shellcode、脚本

新添加

[179星][2y] [PS] mattifestation/pic_bindshell Position Independent Windows Shellcode Written in C
[156星][3y] [Py] secretsquirrel/fido Teaching old shellcode new tricks
[155星][4y] [C] ixty/xarch_shellcode Cross Architecture Shellcode in C
[148星][4y] [Py] kgretzky/python-x86-obfuscator This is a WIP tool that performs shellcode obfuscation in x86 instruction set.
[129星][4y] [Assembly] osirislab/shellcode a repository of Shellcode written by students in NYU-Polytechnic's ISIS lab.
[124星][6y] tombkeeper/shellcode_template_in_c
[115星][5y] [C] mariovilas/shellcode_tools Miscellaneous tools written in Python, mostly centered around shellcodes.
[76星][2y] [Assembly] zznop/pop-nedry x86-64 Windows shellcode that recreates the Jurassic Park hacking scene (Ah, ah, ah... you didn't' say the magic word!)
[66星][4y] [Assembly] scorchsecurity/systorm NASM Standard Library for shellcode
[60星][1m] [Py] ohjeongwook/shellcodeemulator Shellcode emulator written with Unicorn
[60星][2m] [VBScript] djhohnstein/scatterbrain Suite of Shellcode Running Utilities
[59星][4y] [C] k2/admmutate Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others
[57星][3m] [C] buffer/libemu x86 emulation and shellcode detection
[56星][6y] [C] devzero2000/shellcoderhandbook shellcoderhandbook source code : "The Shellcoder's Handbook: Discovering and Exploiting Security Holes"
[49星][4y] [Assembly] t00sh/assembly Collection of Linux shellcodes
[44星][3y] [C] p0cl4bs/shellcodes
[44星][1m] [Py] offsecginger/pythonaesobfuscate Obfuscates a Python Script and the accompanying Shellcode.
[43星][8y] [C] hellman/shtest Simple shellcode testing tool.
[39星][4y] [C] laginimaineb/waroftheworlds QSEE Shellcode to directly hijack the "Normal World" Linux Kernel
[38星][5m] [Py] desword/shellcode_tools Useful tools for writing shellcode
[38星][4y] [Assembly] sh3llc0d3r1337/windows_reverse_shell_1 Windows Reverse Shell shellcode
[36星][3y] [Assembly] mortenschenk/token-stealing-shellcode
[34星][8m] [C] csandker/inmemoryshellcode A Collection of In-Memory Shellcode Execution Techniques for Windows
[34星][2m] [Py] skybulk/bin2sc Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF
[33星][3y] [Py] mipu94/broids_unicorn simple plugin to detect shellcode on Bro IDS with Unicorn
[27星][7y] [C] hacksysteam/shellcodeofdeath Shellcode Of Death
[26星][2y] [C] embedi/tcl_shellcode A template project for creating a shellcode for the Cisco IOS in the C language
[26星][5m] [C] ufrisk/shellcode64 A minimal tool to extract shellcode from 64-bit PE binaries.
[25星][3y] [C] osandamalith/shellcodes My Shellcode Archive
[25星][5y] [C++] rootkitsmm/winio-vidix Exploit WinIo - Vidix and Run Shellcode in Windows Kerne ( local Privilege escalation )
[24星][5y] [C#] tophertimzen/shellcodetester GUI Application in C# to run and disassemble shellcode
[23星][5y] [Assembly] zerosum0x0/slae64 x64 Linux Shellcode
[23星][3m] [Py] zerosteiner/crimson-forge Sustainable shellcode evasion
[21星][4y] [Visual Basic .NET] osandamalith/vbshellcode Making shellcode UD -
[20星][2y] [Py] danielhenrymantilla/shellcode-factory Tool to create and test shellcodes from custom assembly sources (with some encoding options)
[20星][5m] [Assembly] pinkp4nther/shellcodes I'll post my custom shellcode I make here!
[20星][1y] [C] m0rv4i/ridgway A quick tool for hiding a new process running shellcode.
[19星][4y] [Assembly] bruce30262/x86_shellcode_tutorial A training course for BambooFox
[17星][2y] [Py] hamza-megahed/pentest-with-shellcode Penetration testing with shellcode codes
[15星][1m] [C] compilepeace/kaal_bhairav an ELF (ET_EXEC and ET_DYN) infector that infects system binaries with custom shellcode
[15星][2y] [Py] nullarray/shellware Persistent bind shell via pythonic shellcode execution, and registry tampering.
[11星][8m] [Assembly] egebalci/selfdefense Several self-defense shellcodes
[10星][2y] [Py] 1project/scanr Detect x86 shellcode in files and traffic.
[10星][3m] [C] hc0d3r/scdump shellcode dumper
[9星][11m] [C] eahlstrom/ucui-unicorn ncurses shellcode/instructions tester using unicorn-engine
[8星][3y] [Py] breaktoprotect/shellcarver 使用限制字符集在内存雕刻（Carve ） shellcode。手动版的 msfvenom -b
[8星][5y] hoainam1989/shellcode Tut for making Linux Shellcode
[7星][3y] [Assembly] mortenschenk/acl_edit Assembly code to use for Windows kernel shellcode to edit winlogon.exe ACL
[7星][11m] [C] lnslbrty/bufflow A collection of security related code examples e.g. a buffer overflow including an exploit, crypters, shellcodes and more.
[6星][3y] [C] degrigis/exploitation Repo for various exploitation utilities/PoC/Shellcodes/CTF solutions
[6星][11m] [Assembly] govolution/win32shellcode
[4星][4y] [Assembly] theevilbit/shellcode Some random shellcodes I created
[2星][5y] [Assembly] govolution/moreshellcode
[2星][2y] hamza-megahed/shellcode Linux/x86 Shellcodes
[1星][2y] orf53975/rig-exploit-for-cve-2018-8174 Rig Exploit for CVE-2018-8174 As with its previous campaigns, Rig’s Seamless campaign uses malvertising. In this case, the malvertisements have a hidden iframe that redirects victims to Rig’s landing page, which includes an exploit for CVE-2018-8174 and shellcode. This enables remote code execution of the shellcode obfuscated in the landing page…
[1星][3y] [Ruby] shayanzare/obj2shellcode Objdump to ShellCode
[1星][6y] [Assembly] stephenbradshaw/shellcode Various shell code I have written
[1星][6m] [Assembly] push4d/shellcode-alfanumerico---spawn-bin-sh-elf-x86- PoC Shellcode alfanumerico (Solo numeros y letras (mayúsculas y minúsculas)) para invocar un /bin/sh, ELF x86
[1星][10y] [Assembly] skylined/w32-bind-ngs-shellcode Automatically exported from code.google.com/p/w32-bind-ngs-shellcode
[0星][2y] [Assembly] felixzhang00/shellcode_example
[0星][2y] [Py] orangepirate/cve-2018-9948-9958-exp a exp for cve-2018-9948/9958 , current shellcode called win-calc
[0星][5y] [C] quantumvm/forkshellcode Runs and executable and forks shellcode.
[0星][4y] [Makefile] sh3llc0d3r1337/slae32-polymorphic-shellcodes SLAE32 Assignment #6 - Polymorphic shellcodes
[0星][5y] [Py] wjlandryiii/shellcode my shellcode

其他

[2425星][2y] [Py] secretsquirrel/the-backdoor-factory 为PE, ELF, Mach-O二进制文件添加Shellcode后门
[2209星][1m] [Py] trustedsec/unicorn 通过PowerShell降级攻击, 直接将Shellcode注入到内存
[664星][1y] [Rust] endgameinc/xori 自动化反汇编、静态分析库，适用于PE32, 32+ 和shellcode
[470星][3y] [Py] trustedsec/meterssh 将Shellcode注入内存，然后通过SSH隧道传输（端口任选，并伪装成普通SSH连接）
[430星][2m] [C] hasherezade/hollows_hunter Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
[225星][1m] [PS] outflanknl/excel4-dcom PowerShell和Cobalt Strike脚本，通过DCOM执行Excel4.0/XLM宏实现横向渗透（直接向Excel.exe注入Shellcode）

文章

新添加

2020.02 [3gstudent] 通过Mono(跨平台.NET运行环境)执行shellcode
2020.02 [3gstudent] 通过Boolang语言执行shellcode的利用分析
2019.12 [johnlatwc] Early Security Stories — Green Shellcode Contest
2019.11 [aliyun] shellcode 的艺术
2019.08 [osandamalith] Running Shellcode Directly in C
2019.08 [code610] ret2shellcode challenge
2019.08 [sentinelone] Malicious Input: How Hackers Use Shellcode
2019.07 [pcsxcetrasupport3] Those Pesky Powershell Shellcode’s And How To Understand Them
2019.07 [gironsec] A Shellcode Idea
2019.06 [gironsec] Expiring Shellcode update
2019.05 [X0x0FFB347] Solving MalwareTech Shellcode challenges with some radare2 magic!
2019.05 [osandamalith] Shellcode to Dump the Lsass Process
2019.03 [vkremez] Let's Learn: Dissecting Operation ShadowHammer Shellcode Internals in crt_ExitProcess
2019.03 [X0x0FFB347] A Trinity of Shellcode, AES & Go
2019.03 [BorjaMerino] One-Way Shellcode for firewall evasion using Out Of Band data
2019.03 [shelliscoming] One-Way Shellcode for firewall evasion using Out Of Band data
2019.03 [pcsxcetrasupport3] A look at a bmp file with embedded shellcode
2019.01 [fuzzysecurity] FreeFloat FTP (custom shellcode)
2019.01 [fuzzysecurity] Windows XP PRO SP3 - Full ROP calc shellcode
2019.01 [micropoor] Micropoor_shellcode for payload backdoor
2019.01 [ironcastle] Maldoc with Nonfunctional Shellcode, (Wed, Jan 2nd)
2019.01 [sans] Maldoc with Nonfunctional Shellcode
2018.11 [MalwareTech] Beginner Reversing #3 (Shellcode2 & Lab Overview)
2018.10 [MalwareTech] Beginner Reversing #2 (Shellcode1 & MEMZ Malware)
2018.10 [doyler] Custom Shellcode Crypter – SLAE Exam Assignment #7
2018.09 [doyler] Polymorphic Shellcode – SLAE Exam Assignment #6
2018.09 [malwarenailed] Reversing shellcode using blobrunner and Olly
2018.08 [secist] MMFML-powershell-shellcode
2018.08 [doyler] Shellcode Encoding – Random Bytewise XOR (SLAE Exam #4)
2018.08 [nightst0rm] Tản mạn về edit shellcode của metasploit
2018.08 [trendmicro] Use-after-free (UAF) Vulnerability CVE-2018-8373 in VBScript Engine Affects Internet Explorer to Run Shellcode
2018.08 [doyler] Egg Hunter Shellcode – SLAE Exam Assignment #3
2018.07 [doyler] Shell Reverse TCP Shellcode – SLAE Exam Assignment #2
2018.07 [doyler] Shell Bind TCP Shellcode – SLAE Exam Assignment #1
2018.06 [pediy] [原创]windows下shellcode提取模板的实现
2018.06 [doyler] Hello World Shellcode – Now for the fun part!
2018.06 [shelliscoming] Windows reuse shellcode based on socket's lifetime
2018.05 [aliyun] 溢出过程需要的shellcode测试
2018.05 [pentestingexperts] smap: Shellcode mapper
2018.05 [rapid7] 隐藏Metasploit Shellcode, 躲避Windows Defender检测
2018.04 [sploitspren] Linux x86 Polymorphic Shellcode
2018.04 [sploitspren] Linux x86 Polymorphic Shellcode
2018.04 [venus] Cisco ios shellcode: all-in-one译文
2018.04 [aliyun] Coding art in shellcode（3）
2018.04 [aliyun] Coding art in shellcode（2）
2018.04 [aliyun] Coding art in shellcode（1）
2018.02 [360] Windows(x86与x64) Shellcode技术研究
2018.01 [trackwatch] Improving custom shellcode detection
2017.12 [OALabs] Debugging shellcode using BlobRunner and IDA Pro
2017.11 [360] Egg Hunting：一个非常短的shellcode
2017.11 [modexp] 可以当作推文发送的 x86 Windows 反向 Shell
2017.11 [trackwatch] [CODEBREAKER] Présentation de la détection des shellcodes encodés sur GATEWATCHER sur Windows Server 2008 R2 (Version 2.X minimum)
2017.11 [mediaservice] A patch for PowerSploit’s Invoke-Shellcode.ps1
2017.10 [freebuf] 用TEB结构实现ShellCode的通用性
2017.10 [trackwatch] [CODEBREAKER] Présentation de la détection des shellcodes encodés sur GATEWATCHER sur Linux (Version 2.X minimum)
2017.10 [trackwatch] [CODEBREAKER] Présentation de la détection des shellcodes custom non encodés sur GATEWATCHER sur Windows XP (Version 2.5 minimum)
2017.09 [aliyun] Shellcode另类使用方式
2017.08 [360] HITB GSEC CTF Win Pwn解题全记录之babyshellcode
2017.08 [venus] HITB GSEC CTF Win Pwn 解题全记录之 babyshellcode
2017.08 [360] 通过Shellcode聚类识别定向攻击（APT）相关的恶意代码
2017.08 [vkremez] Let's Learn: Preparing Shellcode in NASM
2017.08 [4hou] 教你如何使用分组密码对shellcode中的windows api字符串进行加密
2017.07 [ColinHardy] Extract Shellcode from Fileless Malware like a Pro
2017.06 [modexp] Shellcode: The hunt for GetProcAddress
2017.06 [nsfocus] 手把手简易实现shellcode及详解
2017.06 [pediy] [翻译]Shellcode:x86优化 part 1
2017.06 [modexp] Shellcode: x86 优化方案（part 1）。Part 1 包括4部分：变量/寄存器的声明和初始化、测试变量/寄存器的值、条件跳转和控制流、字符转换
2017.05 [secist] ShellCode入门（提取ShellCode）
2017.05 [secist] 任意程序添加ShellCode
2017.05 [abatchy] Linux/x86 - Disable ASLR Shellcode (71 bytes)
2017.04 [abatchy] Shellcode reduction tips (x86)
2017.03 [pediy] [原创][shellcode框架（一）] 认识shellcode，部署shellcode开放框架
2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 4）
2017.03 [improsec] Windows Kernel Shellcode on Windows 10 – Part 4 - There is No Code
2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 3）
2017.03 [360] 智能逃避IDS——RSA非对称多态SHELLCODE
2017.03 [4hou] Windows Shellcode学习笔记——Shellcode的提取与测试
2017.03 [improsec] Windows Kernel Shellcode on Windows 10 – Part 3
2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 2）
2017.03 [360] 探索基于Windows 10的Windows内核Shellcode（Part 1）
2017.03 [360] 反侦测的艺术part3：shellcode炼金术
2017.03 [4hou] Windows Shellcode学习笔记——栈溢出中对jmp esp的利用与优化
2017.03 [improsec] Windows Kernel Shellcode on Windows 10 – Part 2
2017.03 [4hou] Windows Shellcode学习笔记——shellcode在栈溢出中的利用与优化
2017.03 [3gstudent] Windows Shellcode学习笔记——栈溢出中对jmp esp的利用与优化
2017.03 [osandamalith] Shellcode to Scroll your Desktop Vertically and Horizontally
2017.03 [pediy] [原创]PE2Shellcode
2017.03 [3gstudent] Windows Shellcode学习笔记——栈溢出中对jmp esp的利用与优化
2017.02 [osandamalith] Shellcode to Scroll Your Desktop Horizontally
2017.02 [osandamalith] Shellcode to Invert Colors
2017.02 [improsec] Windows Kernel Shellcode on Windows 10 – Part 1
2017.02 [n0where] Shellcode Builder: Shell Factory
2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode在栈溢出中的利用与优化
2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode在栈溢出中的利用与优化
2017.02 [csyssec] X86 Shellcode代码混淆(一)
2017.02 [modexp] Shellcode: Dual Mode (x86 + amd64) Linux shellcode
2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode的提取与测试
2017.02 [3gstudent] Windows Shellcode学习笔记——shellcode的提取与测试
2017.01 [modexp] Shellcode: Dual mode PIC for x86 (Reverse and Bind Shells for Windows)
2017.01 [modexp] Shellcode: Solaris x86
2017.01 [modexp] Shellcode: Mac OSX amd64
2017.01 [modexp] Shellcode: Resolving API addresses in memory
2017.01 [360] 远程漏洞利用：无需借助套接字的Shellcode
2016.12 [360] NC后门技术（shellcode版）
2016.12 [modexp] Shellcode: A Windows PIC using RSA-2048 key exchange, AES-256, SHA-3
2016.12 [360] 使用PLC作为payload/shellcode分发系统（含演示视频）
2016.12 [hexacorn] Shellcode. I’ll Call you back.
2016.12 [shelliscoming] Modbus Stager: Using PLCs as a payload/shellcode distribution system
2016.12 [venus] Shellcode Compiler - 一款易用的 Shellcode 编译工具
2016.11 [dist67] VBA Shellcode To Test EMET
2016.11 [sans] VBA Shellcode and EMET
2016.11 [msreverseengineering] Synesthesia: Modern Shellcode Synthesis (Ekoparty 2016 Talk)
2016.10 [360] 浅谈ASLR和Shellcode的那些事儿
2016.09 [dist67] Maldoc VBA: Shellcode
2016.09 [3gstudent] Study Notes Weekly No.2(Shellcode Via JScript & VBScript)
2016.09 [3gstudent] Study Notes Weekly No.2(Shellcode Via JScript & VBScript)
2016.08 [paloaltonetworks] VB Dropper and Shellcode for Hancitor Reveal New Techniques Behi
2016.08 [uaf] openCTF 2016 - tyro_shellcode2
2016.08 [uaf] openCTF 2016 - tyro_shellcode
2016.08 [osandamalith] Making your Shellcode Undetectable using .NET
2016.07 [sizzop] Kernel Hacking With HEVD Part 3 - The Shellcode
2016.06 [breakdev] X86 Shellcode Obfuscation - Part 3
2016.06 [paraschetal] Gracker level7 (Ghost in the Shellcode!)
2016.06 [mcafee] Threat Actors Employ COM Technology in Shellcode to Evade Detection
2016.06 [mcafee] Threat Actors Employ COM Technology in Shellcode to Evade Detection
2016.06 [modexp] Shellcode: Detection between Windows/Linux/BSD on x86 architecture
2016.05 [angelalonso] Malicious Excel documents with macros running shellcodes
2016.05 [hackingarticles] Hack Remote Windows 10 PC using Cypher (Adding Shellcode to PE files)
2016.05 [breakdev] X86 Shellcode Obfuscation - Part 2
2016.05 [breakdev] X86 Shellcode Obfuscation - Part 1
2016.04 [paraschetal] OWASP ZCR Shellcoder
2016.04 [modexp] Shellcode: FreeBSD / OpenBSD amd64
2016.03 [modexp] Shellcode: Linux amd64
2016.02 [ZeroNights] George Nosenko — Cisco IOS shellcode — all-in-one
2016.02 [freebuf] OWASP ZSC Shellcoder：定制个人专属Shellcode
2015.11 [pediy] [原创]我也发一个自己写的reverse_bind shellcode代码
2015.11 [autohacker] Android Shellcode Telnetd with Parameters
2015.09 [ly0n] Windows bind shell universal shellcode
2015.09 [ly0n] Windows bind shell universal shellcode
2015.09 [theevilbit] Creating OSX shellcodes
2015.09 [bigendiansmalls] Bind Shell – shellcode and source
2015.08 [ly0n] Windows reverse shell universal shellcode
2015.08 [ly0n] Windows reverse shell universal shellcode
2015.08 [ly0n] WinExec calc.exe universal shellcode
2015.08 [ly0n] WinExec calc.exe universal shellcode
2015.08 [n0where] OWASP ZeroDay Cyber Research Shellcoder
2015.07 [bigendiansmalls] Shellcode Freebie!
2015.07 [bigendiansmalls] Mainframe shellcode
2015.06 [sans] Detecting Shellcode Hidden in Malicious Files
2015.06 [tophertimzen] Shellcode Techniques in C++
2015.04 [govolution] Shifting from 32bit to 64bit Linux Shellcode
2015.04 [govolution] Dumping shellcode 64bit style
2015.04 [tophertimzen] Shellcode in .NET - How the PEB Changes
2015.03 [osandamalith] Running Shellcode in your Raspberry Pi
2014.12 [sans] Examining Shellcode in a Debugger through Control of the Instruction Pointer
2014.12 [zerosum0x0] x64 Egg-Hunter Shellcode Stager
2014.12 [zerosum0x0] x64 Linux Polymorphic execve() shellcode
2014.12 [zerosum0x0] x64 Shellcode One-Time Pad Crypter
2014.12 [zerosum0x0] x64 Linux Polymorphic forkbomb shellcode
2014.12 [zerosum0x0] x64 Linux Polymorphic read file shellcode
2014.12 [zerosum0x0] x64 Linux reverse TCP connect shellcode (75 to 83 bytes, 88 to 96 with password)
2014.12 [zerosum0x0] x64 Linux bind TCP port shellcode (80 bytes, 95 with password)
2014.12 [nebelwelt] Ghost in the Shellcode Teaser 2015: Lost To Time
2014.12 [tophertimzen] Windows x64 shellcode编写指南
2014.11 [pediy] [原创]史上最小无需重定位的"格盘"ShellCode
2014.11 [sans] Guest Diary: Didier Stevens - Shellcode Detection with XORSearch
2014.10 [MarcusNiemietz] Svetlana Gaivoronski - Shellcode detection techniques
2014.09 [pediy] [原创]根据一个通用的shellcode 还原的一段汇编代码
2014.07 [govolution] Shellcode Binder for Windows 64 Bit
2014.07 [osandamalith] shutdown -h now Shellcode
2014.06 [osandamalith] Chmod 0777 Polymorphic Shellcode
2014.05 [parsiya] Pasting Shellcode in GDB using Python
2014.04 [skullsecurity] Ghost in the Shellcode: fuzzy (Pwnage 301)
2014.03 [] Two shellcodes and a bit of code
2014.03 [zairon] Obfuscated shellcode inside a malicious RTF document
2014.02 [freebuf] 用C语言进一步优化Windows Shellcode
2014.02 [rapid7] Shellcode Golf: Every Byte is Sacred
2014.02 [govolution] Shellcode for deleting a file
2014.01 [govolution] SLAE: Shellcode read and send file
2014.01 [skullsecurity] Ghost in the Shellcode: gitsmsg (Pwnage 299)
2014.01 [govolution] SLAE Assignment 6: Polymorphic Shellcode
2014.01 [skullsecurity] Ghost in the Shellcode: TI-1337 (Pwnable 100)
2014.01 [pediy] [原创]揭示《shellcoder's handbook》中一个函数的运行机制
2013.12 [pediy] [原创]shellcode 版的 hello world
2013.12 [anti] A Shellter for your shellcode…
2013.12 [pediy] [原创]旧书重温：0day2[5]shellcode变形记
2013.11 [infosec42] [Shellcode] MIPS Little Endian Reverse Shell Shellcode (Linux)
2013.08 [v0ids3curity] Stdin reopen & execve /bin/sh shellcode for Linux/x86_64
2013.07 [infosec42] [Shellcode] MIPS Little Endian system() Shellcode
2013.06 [pediy] [原创]分享用C语言写ShellCode的技术应用--拦截系统记事本工具的保存菜单
2013.06 [pediy] [原创]分享用C语言写ShellCode的实现源码
2013.06 [jumpespjump] One-liner to only get the shellcode from objdump
2013.04 [pediy] [原创]新人ShellCode小总结,附带一个讨论问题
2013.03 [techorganic] Binary to shellcode
2013.02 [v0ids3curity] Ghost In The Shellcode 2013 CTF - Pwnable 100 - Question 8 Shiftd [Team xbios]
2013.01 [pediy] [原创]MAsM ShellCode 宏框架使用手册 CHM
2012.11 [offensive] Fun with AIX Shellcode and Metasploit
2012.11 [cawanblog] Design and Implementation of Token Stealing Kernel Shellcode for Windows 8
2012.11 [cawanblog] How To Build A Kernel Shellcode Design and Testing Platform For Windows 8 By Using Windbg
2012.10 [pediy] [原创]ShellCodeToAscii
2012.08 [pediy] [原创] Shellcode In X64-3 Test Your Shellcode
2012.08 [pediy] [原创]Shellcode In X64-2Search Function using hash
2012.08 [pediy] [原创]Shellcode In X64-1Find Kernel32.dll
2012.08 [rsa] Network detection of x86 buffer overflow shellcode
2012.07 [magictong] ShellCode的调试方法和常见问题的解决方法
2012.05 [pediy] [原创] 也学构造字母shellcode
2012.05 [joxeankoret] Embedding a shellcode in a PE file
2012.03 [] 文件类漏洞ShellCode的查找
2012.03 [sans] Phishing with obfuscated javascript, shellcode and malware
2012.01 [] Linux/x86 Polymorphic ShellCode – setuid(0)+setgid(0)+add user ‘iph’ without password to /etc/passwd
2011.11 [pediy] [原创]我的第一次vc转shellcode历程
2011.10 [dist67] White Hat Shellcode Workshop: Enforcing Permanent DEP
2011.08 [pediy] [原创]OllyDgb下的shellcode提取插件
2011.06 [pediy] [求助]在shellcode中遇到疑惑的浮点指令
2011.04 [pediy] [原创]Dadong's JSXX 0.39 VIP所用shellcode调试
2011.03 [purehacking] The Shellcode Lab - Black Hat Training Course
2011.01 [travisgoodspeed] Generic CC1110 Sniffing, Shellcode, and iClickers
2010.12 [pediy] [原创]shellcode框架，纯属娱乐
2010.11 [e] Hiding Shellcode in Plain Sight
2010.09 [pediy] [原创]众里寻他千百度----文件类漏洞ShellCode的查找
2010.05 [pediy] [原创]纯字母shellcode揭秘
2010.04 [pediy] [原创]基于shellcode感染方式的组合病毒研究
2010.03 [skullsecurity] Weaponizing dnscat with shellcode and Metasploit
2009.06 [heelan] Morphing shellcode using CFGs and SAT
2009.05 [heelan] Not all shellcode locations are made equal
2009.03 [pediy] [分享]贴一个MessageBox的shellcode
2009.01 [pediy] [原创]改写前辈的shellcode（delphi版）
2008.12 [edge] Shellcode2Exe
2008.11 [pediy] [原创]汇编打造最简单的shellcode
2008.09 [pediy] [原创]ShellCode Locator for IDA 5.2
2008.07 [pediy] [翻譯]SHELLCODE 設計解密
2008.07 [pediy] [原创]32字节的退出进程Shellcode
2008.07 [pediy] [原创]word 漏洞利用shellcode代码反汇编
2008.06 [pediy] [作品提交]ShellCode辅助工具
2008.05 [pediy] [原创]快速高效的写shellcode
2008.02 [pediy] [原创]shellcode之小小琢磨
2007.08 [pediy] [原创]完全不懂shellcode解第二阶段第一题
2007.03 [pediy] 《The Shellcoder's handbook》第十九章_二进制审计：Hacking不公开源码的软件
2007.02 [pediy] 《The Shellcoder's handbook》第十八章_跟踪漏洞
2007.02 [pediy] [注意]《The Shellcoder's Handbook》中的笔误
2007.02 [pediy] 《The Shellcoder's handbook》第十七章_Instrumented Investigation:手工的方法
2007.02 [pediy] 《The Shellcoder's handbook》第十六章_源码审计：在C-Based 语言里寻找漏洞
2007.02 [pediy] 《The Shellcoder's handbook》第十五_Fuzzing的技巧
2007.01 [pediy] 《The Shellcoder's handbook》第十三章_建立工作环境
2007.01 [pediy] 《The Shellcoder's handbook》第十二章_破解HP Tru64 Unix
2007.01 [pediy] 《The Shellcoder's handbook》第十一章_高级 Solaris 破解
2007.01 [pediy] 《The Shellcoder's handbook》第十章_Solaris 破解入门
2006.12 [pediy] 《The Shellcoder's handbook》第九章_战胜过滤器
2006.12 [pediy] 《The Shellcoder's handbook》第八章_Windows 溢出
2006.12 [pediy] 来看看WINRAR溢出漏洞吧,写个SHELLCODE就可以捆绑程序[注意]
2006.12 [pediy] 《The Shellcoder's handbook》第七章_Windows Shellcode
2006.12 [pediy] 《The Shellcoder's handbook》翻译汇总及勘误
2006.12 [pediy] 《The Shellcoder's handbook》第六章_Windows的广阔原野
2006.11 [em386] Sysenter shellcode
2006.11 [pediy] 《The Shellcoder's handbook》第五章_堆溢出
2006.11 [pediy] 《The Shellcoder's handbook》第四章_格式化串漏洞
2006.11 [pediy] 《The Shellcoder's handbook》第三章_Shellcode
2006.10 [pediy] 《The Shellcoder's handbook》第二章_栈溢出
2006.10 [pediy] 《The Shellcoder's handbook》第一章_在开始之前
2006.10 [pediy] [原创]小议shellcoder
2006.04 [pediy] [原创]常用ShellCode Hash算法-Delphi内镶BASM
2005.01 [pediy] shellcode和我写的一个例子

贡献

内容为系统自动导出, 有任何问题请提issue

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
history		history
Readme.md		Readme.md
Readme_en.md		Readme_en.md

alphaSeclab/shellcode-resources

Folders and files

Latest commit

History

Repository files navigation

所有收集类项目

Shellcode

目录

开发&&编写

shellen

工具

文章

漏洞开发

工具

文章

编码&&解码

工具

文章

工具

文章

启动&&加载&&注入&&执行

注入

工具

文章

执行

工具

文章

工具

文章

生成

工具

文章

转换

工具

文章

分析

漏洞

工具

文章

BypassXxx

AV

工具

文章

工具

文章

ARM

工具

文章

其他

工具

收集

新添加

其他

文章

新添加

贡献

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages