ShenCode
A versatile tool for working with shellcodes.
Features
ShenCode is a framework for developing, analyzing and testing shellcodes. It supports the following operating modes:
- Argument mode
shencode core output -i file.raw -s inspect
- Interactive Mode
shencode$ load outputshencode::core::output$
- Task Mode
- Automate modules in different steps with
json
- Automate modules in different steps with
Version 0.9.0
General usage
Check out ShenCode Docs and the starter tutorial for more information.
Modules
| Category | Description | Modules |
|---|---|---|
core | Shencode core functions | download - extract- inspect - minidump - output - subproc - task |
encoder | Shellcode encoder | alphanum - bytebert - byteswap1 - multicoder - xor - xorchain - xorpoly2 |
inject | Process injection modules | dll - injection - linject - ntinjection - psoverwrite3 |
obfuscate | Shellcode obfuscation techniques | feed4 - qrcode - rolhash - uuid |
payload | Modules to generate payloads | msfvenom - winexec |
stager | Stage loaders | meterpreter - sliver |
How to use
Install
git clone https://github.com/psycore8/shencode
cd shencode
python -m venv .venv
<! ACTIVATE-VENV-SEE-BELOW !>
pip install .
shencode -hTo activate the virtual environment use the following command:
- Windows -
.venv\bin\activate - Linux -
source .venv/bin/activate
Release Notes
general- code cleanupgeneral- improved output with rich implementationgeneral- ShenCode as python modulecore/inspect- seperated the file inspect function to a module, including html exportcore/output- removed inspectcore/task- Improved JSON scheme for better iteration and multiple module usage in one fileobfuscate/uuid- file output and reverse function addedstager/meterpreter- fixed some argument errorsstager/sliver- fixed a datatype error and os.name implementation
References
- Byte-Swapping
- In-Memory Decoder
- Function Name Hashing
- Win32API with python3 injection
- Violent python: XOR Encryption
- How to easily encrypt file in python