packer-shellcode

command
v0.186.0
Published: May 22, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

packer-shellcode — runnable companion to Mode 6 of docs/techniques/pe/packer.md.

Reads raw shellcode bytes from a file (msfvenom output, hand-rolled stage-1, etc.) and produces a runnable PE32+ (Windows) or ELF64 (Linux) host that runs the shellcode at the entry point — with or without the SGN-style stub envelope.

Demonstrates the four operational shapes of Mode 6:

plain ELF       (no encryption, smallest output ~400 B)
encrypted ELF   (SGN stub, ~8 KiB)
plain PE        (no encryption, smallest output ~1 KiB)
encrypted PE    (SGN stub, ~8 KiB)

Plus the symmetric defender path:

UnwrapShellcode  reverse the plain wrap → recover raw bytes

Usage:

go build -o /tmp/packer-shellcode ./examples/packer-shellcode
/tmp/packer-shellcode <shellcode.bin> <output-prefix>

Produces 4 files alongside <output-prefix>:

<prefix>-plain.elf
<prefix>-enc.elf
<prefix>-plain.exe
<prefix>-enc.exe

Packing is cross-platform: the tool itself runs on linux/windows/darwin. Each produced binary runs on the platform matching its detected format.
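For the defender side, a first-pass header triage for files in the two formats named above (ELF64 and PE32+), written as an added example that is not part of this module. `Host`, `Triage` and `tinyLimit` are hypothetical names, the size threshold is an assumption taken from the output sizes quoted above, and the sample bytes are constructed; it does not call `UnwrapShellcode`, whose signature this page does not show.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Host holds the header fields worth checking first on a suspected shellcode host.
type Host struct {
	Format string // "ELF64" or "PE32+"
	Entry  uint64 // ELF e_entry (virtual address) or PE AddressOfEntryPoint (RVA)
	Units  int    // ELF program headers or PE sections
	Tiny   bool   // file is no larger than tinyLimit
}

// tinyLimit is an assumed threshold, set above the ~8 KiB quoted for the largest output.
const tinyLimit = 16 << 10

// Triage classifies b as ELF64 or PE32+ (hypothetical helper, not the module's API).
func Triage(b []byte) (Host, error) {
	le, tiny := binary.LittleEndian, len(b) <= tinyLimit
	switch {
	case len(b) >= 64 && string(b[:4]) == "\x7fELF":
		if b[4] != 2 || b[5] != 1 { // need ELFCLASS64 and little-endian data
			return Host{}, errors.New("ELF, but not 64-bit little-endian")
		}
		return Host{"ELF64", le.Uint64(b[24:]), int(le.Uint16(b[56:])), tiny}, nil
	case len(b) >= 64 && string(b[:2]) == "MZ":
		off := uint64(le.Uint32(b[60:])) // e_lfanew: file offset of the "PE\0\0" signature
		if off+44 > uint64(len(b)) || string(b[off:off+4]) != "PE\x00\x00" {
			return Host{}, errors.New("MZ stub without a valid PE header")
		}
		if le.Uint16(b[off+24:]) != 0x20b { // optional-header magic for PE32+
			return Host{}, errors.New("PE, but not PE32+")
		}
		return Host{"PE32+", uint64(le.Uint32(b[off+40:])), int(le.Uint16(b[off+6:])), tiny}, nil
	}
	return Host{}, errors.New("not an ELF or PE image")
}

func main() {
	b := make([]byte, 120) // constructed sample: ELF64 header plus one empty program header, no code
	copy(b, "\x7fELF\x02\x01\x01")
	binary.LittleEndian.PutUint64(b[24:], 0x400078) // constructed e_entry
	binary.LittleEndian.PutUint16(b[56:], 1)        // e_phnum
	fmt.Println(Triage(b))
}
```

A `Tiny` result is only a prompt to look closer at where `Entry` lands; small legitimate binaries exist, so treat it as a sorting signal and not a verdict.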
