inject or convert shellcode to PE.
Requires pefile (pip install pefile)
Based on the work at this post
A better shellcode2exe
python3 inject2pe.py --help
- Convert shellcode to Portable Executable directly:
python3 inject2pe.py s2e --shellcode <SHELLCODE_BIN_PATH> --output <OUTPUT_EXE_PATH>- Inject shellcode into an existing Portable Executable:
python3 inject2pe.py i2e --shellcode <SHELLCODE_BIN_PATH> --exe <INPUT_EXE_PATH> --offset <HEX_ENTRY_POINT_OF_SC> --output <OUTPUT_EXE_PATH>! This was particularly useful in a few situations in which shellcode uses modules loaded by the caller malware