A versatile tool for working with shellcodes.
ShenCode is a framework for developing, analyzing and testing shellcodes. It comes with 3 operating modes:
- Argument mode
  ```
  shencode core output -i file.raw -s inspect
  ```
- Interactive mode
  ```
  shencode$ load output
  shencode::core::output$
  ```
- Task mode
  - Automate modules in different steps with `json`
Help docs are currently not up to date. I am working on a new publishing system. This will be done in a few days.
Check out ShenCode Docs and the starter tutorial for more information.
| Category | Module | Description | Docs | Refs |
|---|---|---|---|---|
| core | download | Download remote files | download | |
| core | extract | Extract a range of bytes from a file | extract | |
| core | output | Inspect and display files in different formats | output | |
| core | subproc | Execute an external subprocess | subproc | |
| core | task | Execute tasks to automate ShenCode | task | |
| encoder | alphanum | Alphanumeric encoder to avoid null bytes | alphanum | |
| encoder | bytebert | Advanced polymorphic encoder | bytebert | |
| encoder | byteswap | New XOR Encryption, Swapping Bytes | byteswap | Blog Post |
| encoder | multicoder | Multi-Algorithm encoder | multicoder | |
| encoder | xor | Encode payload with custom XOR key | xor | |
| encoder | xorpoly | Polymorphic x64 in-memory decoder | xorpoly | Blog Post |
| inject | dll | Inject dll into a process | dll | |
| inject | injection | Inject shellcode into a process | injection | |
| inject | ntinjection | Inject with native windows API | ntinjection | |
| inject | psoverwrite | Process overwriting injection | psoverwrite | hasherezade |
| obfuscate | feed | Hide shellcode bytes in a feed.xml file | feed | |
| obfuscate | qrcode | Generate QR-Code from a file | qrcode | |
| obfuscate | rolhash | ROR13 to custom ROL hashing | rolhash | |
| obfuscate | uuid | Generate UUIDs from shellcode | uuid | Blog Post |
| payload | msfvenom | Create payloads with msfvenom | msfvenom | |
| payload | winexec | Create a shellcode with custom WinExec command | winexec | |
| stager | meterpreter | Download a meterpreter reverse tcp stage | meterpreter | |
| stager | sliver | Download a sliver stage | sliver | |
```bash
git clone https://github.com/psycore8/shencode
cd shencode
python -m venv .venv
# activate the virtual environment here (see below)
pip install .
shencode -h
```
To activate the virtual environment use the following command:
- Windows
  ```
  .venv\Scripts\activate
  ```
- Linux
  ```
  source .venv/bin/activate
  ```
- `general` - Task file for starters tutorial
- `general` - interactive mode
- `core/extract` - deleted deprecated `start_offset` and `end_offset` arguments
- `core/output` - assemble x64 instructions
- `encoder/alphanum` - added variable padding option
- `inject/psoverwrite` - fixed broken CFGuard mitigation
- `obfuscate/feed` - customize feed parameters (author, title, subtitle, uri)
- `payload/winexec` - new instructions producing 00 `cmp rcx, 0`
- `payload/winexec` - xor rdx and rdi for correct stack alignment
- `stager/sliver` - implemented new `aes` argument with nargs support