Shellcraft is a modular Windows payload construction framework designed for red team operations and offensive security research.
It focuses on shellcode-driven execution, compiling native Windows binaries using reproducible C/C++ templates and static toolchains.
Important
This repository is provided strictly for educational, academic, and defensive security research purposes.
This project does NOT provide ready-to-use malware, and it is NOT intended for unauthorized access, exploitation, or deployment on real systems.
Any execution, testing, or experimentation must be performed only in isolated lab environments on systems you own or are explicitly authorized to test.
The author does not encourage, support, or condone malicious activity, and assumes no responsibility for misuse, damage, or legal consequences arising from improper use.
By accessing or using this repository, you acknowledge full responsibility for complying with all applicable laws, regulations, and ethical guidelines.
Shellcraft automates the process of:
- Consuming raw shellcode (msfvenom or external)
- Injecting shellcode into native Windows payloads
- Building a dropper + DLL execution chain
- Producing statically linked Windows binaries
The project is intended to be auditable, hackable, and extensible, rather than a black-box payload generator.
- Deterministic builds
- Template-driven payloads
- Minimal runtime dependencies
- Explicit execution flow
- Research-first, not “AV-bypass-first”
shellcraft/
├── shellcraft.py # Entry point
├── sources/
│ ├── payload_dll.cpp # Shellcode loader (DLL)
│ ├── dropper.cpp # Dropper executable
│ └── DefenderWrite.cpp # Helper binary
- Shellcode is generated or loaded from disk
- Shellcode is embedded into payload_dll.cpp
- Payload DLL is compiled
- Dropper EXE is compiled
- Dropper stages execution on target
ShellCraft is designed to run on Linux systems and requires a minimal, reproducible toolchain.
git clone https://github.com/HackScaleTeam/ShellCraft.git
cd ShellCraft
ShellCraft provides a bootstrap installer that installs all required build dependencies.
chmod +x install.sh
sudo ./install.sh
- Detect your Linux distribution
- Install Python 3
- Install MinGW-w64 (Windows cross-compiler)
- Install Metasploit Framework (optional, for msfvenom)
After installation, ensure the required tools are available:
python3 --version
msfvenom --version
x86_64-w64-mingw32-g++ --version
python3 shellcraft.py --help
Metasploit Framework is optional and only required when using the --msf shellcode generation mode.
All builds are performed on Linux and produce native Windows binaries.
Generated artifacts must reside in the same directory at runtime.
- Linux (Debian / Ubuntu / Kali)
- Linux (Arch-based)
- Linux (Fedora / RHEL-based)
Windows and macOS are not supported.
Shellcraft supports two input methods:
shellcraft --msf <LHOST> <LPORT> -o payload.exe
shellcraft -s shellcode.bin -o payload.exe
Shellcode is treated as opaque input. No encoding, encryption, or mutation is applied by default.
- Metasploit Framework (optional)
- MinGW-w64 (x86_64-w64-mingw32-g++)
payload.exe # Dropper
payload.dll # Shellcode DLL
DefenderWrite.exe # Helper binary
All artifacts are designed to reside in the same directory at runtime.
- No evasion or obfuscation layer
- No in-memory-only execution
- No automatic privilege escalation
- Detection by modern EDRs is expected
Shellcraft is a framework, not a finished weapon.
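Because the artifacts are written to disk and must sit in one directory, the output layout listed above is itself a hunting pattern. The following is an added example for defenders, not part of ShellCraft's code: it scans a file inventory for a directory holding the helper binary next to an EXE/DLL pair. It assumes the DLL shares the dropper's stem, as in the payload.exe / payload.dll listing; `find_artifact_sets` and the sample inventory are constructed for illustration.

```python
"""Added example (not part of ShellCraft): hunt a file inventory for the
co-located artifact layout this README describes."""
from collections import defaultdict
from pathlib import PureWindowsPath

# Helper name taken from the README's artifact list.
HELPER_NAME = "defenderwrite.exe"


def find_artifact_sets(paths):
    """Return {directory: [stems]} for directories that hold the helper
    binary plus at least one <stem>.exe / <stem>.dll pair.

    Assumption: the DLL shares the dropper's stem, as in the README's
    payload.exe / payload.dll listing.
    """
    by_dir = defaultdict(lambda: {"exe": set(), "dll": set(), "helper": False})
    for raw in paths:
        p = PureWindowsPath(raw)
        name = p.name.lower()          # NTFS names are case-insensitive
        entry = by_dir[str(p.parent).lower()]
        if name == HELPER_NAME:
            entry["helper"] = True
        elif p.suffix.lower() == ".exe":
            entry["exe"].add(p.stem.lower())
        elif p.suffix.lower() == ".dll":
            entry["dll"].add(p.stem.lower())

    hits = {}
    for directory, entry in by_dir.items():
        pairs = sorted(entry["exe"] & entry["dll"])
        if entry["helper"] and pairs:
            hits[directory] = pairs
    return hits


# Constructed inventory, e.g. exported from an EDR file-listing query.
SAMPLE_INVENTORY = [
    r"C:\Users\lab\Downloads\payload.exe",
    r"C:\Users\lab\Downloads\payload.dll",
    r"C:\Users\lab\Downloads\DefenderWrite.exe",
    r"C:\Program Files\App\app.exe",          # exe/dll pair, no helper
    r"C:\Program Files\App\app.dll",
    r"C:\Temp\update.exe",                    # helper but no matching DLL
    r"C:\Temp\DEFENDERWRITE.EXE",
]

if __name__ == "__main__":
    for directory, stems in find_artifact_sets(SAMPLE_INVENTORY).items():
        print(directory, stems)
```

File names are a weak signal on their own, so treat a hit as a lead to confirm with hashes or process telemetry rather than as a verdict.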
- Red team tradecraft experimentation
- Payload development research
- Windows execution-chain prototyping
- Template-based payload engineering
This project is provided for authorized security testing and research only.
You are responsible for compliance with all applicable laws and engagement scopes.
