{"id":19508046,"url":"https://github.com/EvilBytecode/Evilbytecode-Shellcode-Go-Tactics","last_synced_at":"2025-04-26T02:33:45.708Z","repository":{"id":249564621,"uuid":"831799948","full_name":"EvilBytecode/Evilbytecode-Shellcode-Go-Tactics","owner":"EvilBytecode","description":"A mutliple tactics to execute shellcode in go :}","archived":false,"fork":false,"pushed_at":"2024-07-21T20:35:48.000Z","size":27,"stargazers_count":18,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-15T08:58:59.503Z","etag":null,"topics":["evasion","fud","shellcode","shellcode-injection","shellcode-injector","shellcode-loader","shellcode-runner","ud"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/EvilBytecode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-21T16:53:32.000Z","updated_at":"2025-04-14T02:25:00.000Z","dependencies_parsed_at":"2024-07-21T22:14:02.883Z","dependency_job_id":null,"html_url":"https://github.com/EvilBytecode/Evilbytecode-Shellcode-Go-Tactics","commit_stats":null,"previous_names":["evilbytecode/shellcode-go-tactics"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/EvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/EvilBytecode","download_url":"https://codeload.github.com/EvilBytecode/Evilbytecode-Shellcode-Go-Tactics/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250922189,"owners_count":21508289,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["evasion","fud","shellcode","shellcode-injection","shellcode-injector","shellcode-loader","shellcode-runner","ud"],"created_at":"2024-11-10T23:03:05.540Z","updated_at":"2025-04-26T02:33:45.480Z","avatar_url":"https://github.com/EvilBytecode.png","language":"Go","readme":"# Evilbytecode Shellcode Execution Tactics\n\nThis repository contains various projects that demonstrate advanced techniques for executing shellcode and performing memory manipulation.\n\n## Features\n\n- **APC Injection**  \n  Exploits the Asynchronous Procedure Call (APC) technique to execute malicious code within target processes.\n\n- **Early Bird APC Injection**  \n  A variation of APC Injection focusing on executing code before the main process starts.\n\n- **Local Mapping Injection**  \n  Demonstrates malicious code injection via memory mapping into local processes.\n\n- **Local Payload Execution**  \n  Addresses the direct execution of malicious payloads in a system's local environment.\n\n- **Payload Execution Fibers**  \n  Demonstrates running shellcode using Fibers, a type of lightweight thread.\n\n- **Payload Placement**  \n  Shows how to store shellcode in the .text section of a process and execute it.\n\n- **Process Injection (Shellcode)**  \n  Exploits shellcode injection directly into running processes to control or execute malicious tasks.\n\n- **Registry Shellcode**  \n  Demonstrates writing and reading shellcode to/from the Windows Registry.\n\n- **Remote Function Stomping Injection**  \n  Exploits the substitution of functions in remote systems to carry out malicious activities.\n\n- **Remote Mapping Injection**  \n  Demonstrates malicious code injection via memory mapping into remote processes.\n\n- **Remote Thread Hijacking**  \n  Focuses on hijacking threads in remote system processes to execute malicious code.\n\n- **Threadless Injection**  \n  Demonstrates threadless injection using Go \u0026 C, where shellcode is injected without creating a new thread.\n\n## Contributing\n\nContributions are welcome! If you have improvements or additional techniques to add, please fork the repository and submit a pull request. Ensure your code follows the project's coding standards and includes relevant documentation.\n\n## License\n\nThis repository is licensed under the MIT License. See the [LICENSE](LICENSE) file for more details.\n\n## Disclaimer\n\nThis repository is intended for educational purposes only. The techniques demonstrated here are for understanding security vulnerabilities and enhancing defensive measures. Unauthorized use of these techniques may have legal consequences.\n\n---\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FEvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FEvilBytecode%2FEvilbytecode-Shellcode-Go-Tactics/lists"}