{"id":20482877,"url":"https://github.com/psycore8/shencode","last_synced_at":"2025-09-25T03:30:39.190Z","repository":{"id":251921476,"uuid":"838836378","full_name":"psycore8/shencode","owner":"psycore8","description":"A versatile tool for working with shellcodes","archived":false,"fork":false,"pushed_at":"2024-12-16T20:25:21.000Z","size":499,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-12-16T21:33:55.181Z","etag":null,"topics":["automation","msfvenom","obfuscation","shellcode-injection","shellcodes"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/psycore8.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-06T12:45:50.000Z","updated_at":"2024-12-16T20:25:29.000Z","dependencies_parsed_at":"2024-08-17T22:20:15.057Z","dependency_job_id":"9533ea5d-c6cd-4973-885d-f9c3e741ed1d","html_url":"https://github.com/psycore8/shencode","commit_stats":null,"previous_names":["psycore8/shencode"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psycore8%2Fshencode","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psycore8%2Fshencode/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psycore8%2Fshencode/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/psycore8%2Fshencode/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/psycore8","download_url":"https://codeload.github.com/psycore8/shencode/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234147907,"owners_count":18786934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","msfvenom","obfuscation","shellcode-injection","shellcodes"],"created_at":"2024-11-15T16:14:56.641Z","updated_at":"2025-09-25T03:30:39.172Z","avatar_url":"https://github.com/psycore8.png","language":"Python","readme":"---\ntags:\n  - Label/Repo\ntitle: ShenCode\nVersion: 0.8.6\nRelease:\n---\n# ShenCode\n\n\u003e **A versatile tool for working with shellcodes.**\n\n![](resources/shencode.png)\n\n## Features\n\nShenCode is a framework for developing, analyzing and testing shellcodes. It supports the following operating modes:\n\n- Argument mode\n\t- `shencode core output -i file.raw -s inspect`\n- [Interactive Mode](https://www.heckhausen.it/shencode/getting-started#interactive)\n\t- `shencode$ load output`\n\t- `shencode::core::output$`\n- [Task Mode](https://www.heckhausen.it/shencode/core/task)\n\t- Automate modules in different steps with `json`\n\n### Version 0.8.6\n\n#### General usage\n\nCheck out [ShenCode Docs](https://heckhausen.it/shencode/wiki/) and [the starter tutorial](https://heckhausen.it/shencode/wiki/getting-started) for more information.\n\n#### Modules\n\n| Category    | Description                      | Modules                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |\n| ----------- | -------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |\n| `core`      | Shencode core functions          | [download](https://www.heckhausen.it/shencode/core/download) - [extract](https://www.heckhausen.it/shencode/core/extract)- [minidump](https://www.heckhausen.it/shencode/core/minidump) - [output](https://www.heckhausen.it/shencode/core/output) - [subproc](https://www.heckhausen.it/shencode/core/subproc) - [task](https://www.heckhausen.it/shencode/core/task)                                                                                                                   |\n| `encoder`   | Shellcode encoder                | [alphanum](https://www.heckhausen.it/shencode/encoder/alphanum) - [bytebert](https://www.heckhausen.it/shencode/encoder/bytebert) - [byteswap](https://www.heckhausen.it/shencode/encoder/byteswap)[^byteswap] - [multicoder](https://www.heckhausen.it/shencode/encoder/multicoder) - [xor](https://www.heckhausen.it/shencode/encoder/xor) - [xorchain](https://www.heckhausen.it/shencode/encoder/xorchain) - [xorpoly](https://www.heckhausen.it/shencode/encoder/xorpoly)[^xorpoly] |\n| `inject`    | Process injection modules        | [dll](https://www.heckhausen.it/shencode/inject/dll) - [injection](https://www.heckhausen.it/shencode/inject/injection) - [linject](https://www.heckhausen.it/shencode/inject/linject) - [ntinjection](https://www.heckhausen.it/shencode/inject/ntinjection) - [psoverwrite](https://www.heckhausen.it/shencode/inject/psoverwrite)[^psoverwrite]                                                                                                                                       |\n| `obfuscate` | Shellcode obfuscation techniques | [feed](https://www.heckhausen.it/shencode/obfuscate/feed)[^feed-dice] - [qrcode](https://www.heckhausen.it/shencode/obfuscate/qrcode) - [rolhash](https://www.heckhausen.it/shencode/obfuscate/rolhash) - [uuid](https://www.heckhausen.it/shencode/obfuscate/uuid)                                                                                                                                                                                                                                  |\n| `payload`   | Modules to generate payloads     | [msfvenom](https://www.heckhausen.it/shencode/payload/msfvenom) - [winexec](https://www.heckhausen.it/shencode/payload/winexec)                                                                                                                                                                                                                                                                                                                                                          |\n| `stager`    | Stage loaders                    | [meterpreter](https://www.heckhausen.it/shencode/stager/meterpreter) - [sliver](https://www.heckhausen.it/shencode/stager/sliver)                                                                                                                                                                                                                                                                                                                                                        |\n\n## How to use\n\n##### Install\n\n```shell\ngit clone https://github.com/psycore8/shencode\ncd shencode\npython -m venv .venv\n\u003c! ACTIVATE-VENV-SEE-BELOW !\u003e\npip install .\nshencode -h\n```\n\nTo activate the virtual environment use the following command:\n\n- Windows - `.venv\\bin\\activate`\n- Linux - `source .venv/bin/activate`\n\n## Release Notes\n\n- `general` - code cleanup\n- `dependencies` - updated\n- `encoder/alphanum` - padding and nasm fix\n- `encoder/bytebert` - padding fix\n- `encoder/xorchain` - new encoder module\n- `obfuscate/qrcode` - added `--reverse` option to convert the qr code back to raw binary\n- `utils/interactive` - changed the `config` command to `config_print`, `config_restore` and `config_save`\n\n\n## References\n\n- [Byte-Swapping](https://www.nosociety.de/en:it-security:blog:obfuscation_byteswapping)\n- [In-Memory Decoder](https://www.nosociety.de/en:it-security:blog:obfuscation_polymorphic_in_memory_decoder)\n- [Function Name Hashing](https://www.bordergate.co.uk/function-name-hashing/)\n- [Win32API with python3 injection](https://systemweakness.com/win32api-with-python3-part-iii-injection-6dd3c1b99c90)\n- [Violent python: XOR Encryption](https://samsclass.info/124/proj14/VPxor.htm)\n- [How to easily encrypt file in python](https://www.stackzero.net/how-to-easily-encrypt-file-in-python/)\n\n\n[^byteswap]: [Byteswapping Blog Post](https://www.nosociety.de/en:it-security:blog:obfuscation_byteswapping)\n[^xorpoly]: [Polymorphic XOR decoder Blog Post](https://www.nosociety.de/en:it-security:blog:obfuscation_polymorphic_in_memory_decoder)\n[^psoverwrite]: [hasherezade](https://github.com/hasherezade/process_overwriting)\n[^feed-dice]: [feed uses a diceware wordlist](https://github.com/ulif/diceware/blob/109df8b50720fd9ee60b414eecb4a097b3b2ba06/diceware/wordlists/wordlist_en_eff.txt)","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsycore8%2Fshencode","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpsycore8%2Fshencode","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpsycore8%2Fshencode/lists"}