Basic Windows Shellcode Loader
Shellcode Loader
I just put together a basic Python script to generate a Windows shellcode loader. It uses mingw to cross-compile, so the loader can be generated and updated without needing a Windows OS.
Note that the included sleep and obfuscation techniques are WELL SIGNATURED, and MS Defender will detect the loader as-is. It’s up to the user to figure out what they need for their own uses.
I’ll do a talk on this at some point this year. It’s quite trivial to come up with your own delay and obfuscation functions that easily bypass MS Defender. I won’t be making those public since they’d just get signatured and quickly stop working.
I’ve used this script often when playing Hack The Box, especially since they’ve started releasing Windows boxes that have MS Defender (AV) enabled.