Assignment 6 of the SecurityTube Linux Assembly Expert Certification consists of taking three shellcode samples from shell-storm.org and creating polymorphic examples that are no larger than 150% of the original size.
This post provides an analysis of three different payloads generated using msfvenom that target the Linux x86 platform:
A common virus-detection evasion technique when deploying malicious payloads onto a system is to encode the payload in order to obfuscate the shellcode. As part of the SLAE course, I have created a custom encoder: Xorfuscator.
When exploiting overflows that allow code execution, there is nearly always a limit on how much code can be passed to the application. In some cases, this limitation can result in there not being enough space to carry out the desired action.
Reverse TCP shells are similar to bind shells, in that they allow shell access over a network. The key difference is that a bind shell will listen on the remote host, but a reverse shell instead instructs the remote host to connect back to another host.