Skip to content

First Release

Latest
Latest

Choose a tag to compare

View all tags
@MasoudAbdaal MasoudAbdaal released this 22 Feb 19:46
1.0.0
3bcc920

goShellcodeRunner v1.0.0

We are proud to announce the inaugural release of goShellcodeRunner – a clean and modular Golang project that demonstrates complete, classic remote process injection on Windows.

Key Features

  • Classic Remote Process Injection
    Fully implements the classic technique of remote process injection using key Windows API calls. The shellcode is dynamically allocated, copied, and executed in a new thread, showcasing robust remote execution.

  • Optimized Code & Improved Structure
    Our codebase has been meticulously refactored for clarity and efficiency. The overall code is now significantly leaner and optimized, making it easier to maintain and extend.

  • Modular & Clean Design
    The project is organized into well-defined modules and functions, allowing you to quickly understand and adapt each part – from memory allocation and shellcode copying to setting execution permissions and thread creation.

How It Works

  1. Memory Allocation & Shellcode Setup:
    The project decodes the shellcode from a hex string, allocates memory using Windows’ VirtualAlloc, and securely copies the shellcode into this region.

  2. Memory Protection:
    By applying VirtualProtect, the allocated memory’s permissions are updated from read-write to execute-read, ensuring that the shellcode runs without interference.

  3. Remote Thread Execution:
    A new thread is created via CreateThread, directing execution to the shellcode’s memory address. The main thread then waits for the injected code to finish execution, ensuring reliable operation.

Getting Started

  • Prerequisites:
    Ensure you have Go installed on a Windows system with appropriate environment settings.

  • Build & Run:
    Compile the project by running:

    go build -o shellcodeRunner.exe

    Execute the binary:

    shellcodeRunner.exe

    The tool will perform dynamic shellcode execution as described, making it a valuable resource for understanding advanced Windows API interactions and remote injection techniques.

Disclaimer

goShellcodeRunner is intended solely for educational and research purposes. Please ensure you have proper authorization before testing or deploying this tool in any environment.

Full Changelog: https://github.com/MasoudAbdaal/goShellcodeRunner/commits/1.0.0

Assets 2
Loading