Repository files navigation

A sophisticated Windows-based shellcode execution framework featuring encrypted payload embedding, anti-debugging mechanisms, and a user-friendly Qt interface for security research and penetration testing.

• Encrypted Shellcode Execution: XOR-based encryption with position-dependent keys for payload obfuscation
• Anti-Debugging Protection: Built-in debugger detection using INT 3 breakpoint techniques
• GUI Interface: Clean Qt-based interface for easy shellcode loading and execution
• Payload Generator: Command-line tool for encrypting and embedding payloads into loader executables
• Memory Protection: Dynamic memory allocation with proper executable page permissions
• Thread-based Execution: Asynchronous shellcode execution in separate threads
• Lazy Import Resolution: Runtime API resolution to evade static analysis
• Memory Obfuscation: Custom memory copy functions to avoid standard library calls
• Debugger Evasion: Exception-based debugger detection mechanisms
• Encrypted Storage: Payloads are encrypted and embedded within the executable

• Windows 10/11
• Visual Studio 2022
• Qt Framework 5.x or 6.x

• Qt Widgets module
• Windows API libraries
• C++ Runtime libraries

• Clone the repository

• Open the solution file (.sln).

• SelectBuild Solution from theBuild menu.

Use the ShellMaker tool to encrypt and embed your shellcode:

ShellMaker.exe input_payload.bin output_loader.exe

Example:

ShellMaker.exe meterpreter.bin encrypted_loader.exe

1. GUI Method: Run the Loading.exe application and it will automatically execute embedded shellcode
2. Command Line: The loader automatically detects and executes embedded payloads

#include"code.h"intmain() {// Initialize the loaderif (start() ==0) {printf("Shellcode executed successfully\n");    }return0;}

• Maximum payload size: 27,136 bytes (defined byDATA_SIZE)
• Minimum marker sequence: 66 bytes (0x42)

• Algorithm: XOR with position-based key
• Key Generation:(byte ^ (position + 1)) + 1
• Marker Byte: 0x41 (used for payload location)

The loader includes several configurable anti-debugging mechanisms:

// Debugger detection via INT 3boolTesbuer() {    __try {        __asm {            _emit0xCD// INT 03            _emit0x03            _emit0xC3// RET        }    }__except (EXCEPTION_EXECUTE_HANDLER) {returnfalse;// Debugger detected    }returntrue;}

# Build test configurations in Visual Studio# Run with appropriate test payloads

• Tested on Windows 10 (1909, 2004, 21H1, 21H2)
• Tested on Windows 11
• Compatible with both x86 and x64 architectures

This software is provided for educational and research purposes only. The authors and contributors are not responsible for any misuse or damage caused by this software.

This project is licensed under the MIT License - see theLICENSE file for details.