{"id":26105769,"url":"https://github.com/0xrootmeow/goshell","last_synced_at":"2026-05-28T01:01:45.941Z","repository":{"id":281346993,"uuid":"945001838","full_name":"0xrootmeow/GoShell","owner":"0xrootmeow","description":"A Go reverse shell with AES encryption, string obfuscation, debugger detection, and cross-platform compatibility, designed for educational purposes and authorized penetration testing.","archived":false,"fork":false,"pushed_at":"2025-03-08T12:32:30.000Z","size":0,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-08T13:29:56.720Z","etag":null,"topics":["cybersecurity","golang","offensive-scripts","offensive-security","redteam","redteam-infrastructure","redteam-tools","redteaming"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xrootmeow.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-03-08T12:31:25.000Z","updated_at":"2025-03-08T12:33:36.000Z","dependencies_parsed_at":"2025-03-08T13:30:00.375Z","dependency_job_id":"ad7cc308-ca54-4ffe-ac6e-f1ca6cda1c3c","html_url":"https://github.com/0xrootmeow/GoShell","commit_stats":null,"previous_names":["0xrootmeow/goshell"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrootmeow%2FGoShell","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrootmeow%2FGoShell/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrootmeow%2FGoShell/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xrootmeow%2FGoShell/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xrootmeow","download_url":"https://codeload.github.com/0xrootmeow/GoShell/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242757001,"owners_count":20180204,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","golang","offensive-scripts","offensive-security","redteam","redteam-infrastructure","redteam-tools","redteaming"],"created_at":"2025-03-09T21:53:56.170Z","updated_at":"2025-12-13T13:03:34.187Z","avatar_url":"https://github.com/0xrootmeow.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Go Reverse Shell with Evasion Techniques\n\nThis Go program implements a reverse shell with several anti-detection and anti-debugging techniques, designed for educational purposes and authorized penetration testing. **Use with caution and only in environments where you have explicit permission.**\n\n**Disclaimer:** This code is provided for educational purposes only. Unauthorized use is strictly prohibited. The author is not responsible for any misuse.\n\n## Features\n\n* **Encrypted Communication:**\n    * Uses AES-256 encryption with a randomly generated Initialization Vector (IV) for each session to encrypt the communication between the attacker and the target.\n    * The target host and port are also encrypted, making static analysis more difficult.\n* **String Obfuscation:**\n    * Dynamically obfuscates critical strings (e.g., \"powershell.exe\", \"/bin/sh\") at runtime to evade signature-based detection.\n* **Debugger Detection:**\n    * Checks for the presence of a debugger using the `IsDebuggerPresent` API on Windows, exiting if one is detected.\n* **Cross-Platform Compatibility:**\n    * Works on both Windows and Linux systems, automatically selecting the appropriate shell.\n* **Time Delays:**\n    * Includes a time delay in the `init` function to potentially evade timing-based detection.\n* **Base64 Encoding:**\n    * Uses base64 encoding to hide the encrypted host and port.\n* **Minimization of direct syscalls:**\n    * attempts to minimize the amount of direct syscalls.\n\n## Usage\n\n1.  **Generate Encrypted Host/Port and Key:**\n    * Run the Go program. It will print the encrypted host/port string and the base64-encoded key.\n    * Copy these values.\n2.  **Update the Code:**\n    * Replace the placeholder `encryptedHostPort` and `key` values in the `main.go` file with the generated strings.\n3.  **Compile:**\n    * **Windows:** `go build -ldflags=\"-H windowsgui\" main.go`\n    * **Linux:** `go build main.go`\n4.  **Set up a Listener:**\n    * On your attacker machine, set up a netcat listener: `nc -lvp \u003cport\u003e`\n5.  **Run the Executable:**\n    * Execute the compiled binary on the target machine.\n\n## Code Explanation\n\n* **Encryption/Decryption:**\n    * The `encrypt` and `decrypt` functions use AES-256 in CFB mode.\n* **String Obfuscation:**\n    * The `randomizeString` function randomizes the bytes of strings.\n* **Debugger Detection:**\n    * The `isDebuggerPresent` function uses the Windows API to detect debuggers.\n* **Shell Selection:**\n    * The `main` function dynamically selects the appropriate shell based on the operating system.\n* **Init Function:**\n    * The `init` function handles the encrypted host/port generation and debugger detection.\n\n## Building for Windows\n\nIf you are building this on windows, you can use this command:\n\n```bash\ngo build -ldflags=\"-H windowsgui\" main.go\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xrootmeow%2Fgoshell","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xrootmeow%2Fgoshell","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xrootmeow%2Fgoshell/lists"}