Real fucking shellcode encryptor & obfuscator.
Supernova is an open-source tool that empowers users to securely encrypt and/or obfuscate their raw shellcode.
Supernova supports various features beyond those typically found in a common shellcode encryptor tool. Please refer to the Features section for more information.
For command-line usage and examples, please refer to our Wiki.
If you find any bugs, don’t hesitate to report them. Your feedback is valuable in improving the quality of this project!
The authors and contributors of this project are not liable for any illegal use of the tool. It is intended for educational purposes only. Users are responsible for ensuring lawful usage.
Special thanks to my brothers @S1ckB0y1337 and @IAMCOMPROMISED, who provided invaluable assistance during the beta testing phase of the tool.
Grateful acknowledgment to @y2qaq and @VeryDampTowel for their valuable contributions.
Special thanks to my friend @MikeAngelowtt for all our evening discussions during the development process.
Special thanks to my friend Efstratios Chatzoglou and his tool named Pandora, which inspired me to improve the beauty of this README.md
file.
This tool was inspired during the malware development courses of MALDEV Academy.
Supernova was created with ❤️ by @nickvourd, @Papadope9 and @0xvm.
Supernova offers automatic conversion of the encrypted shellcode into formats compatible with various programming languages, including:
- C
- C#
- Rust
- Nim
- Golang (Community request by @_atsika)
- Python
- Perl
- PowerShell
- VBA (Implemented by @verydamptowel)
- Java
- Ruby
- Raw (Implemented by @y2qaq)
Supports a variety of different ciphers, including:
- ROT
- XOR
- RC4
- AES (AES-128-CBC, AES-192-CBC, AES-256-CBC)
- Chacha20 (Implemented by @y2qaq)
Supports various obfuscation techniques, which make the malicious shellcode appear as if it were:
- IPv4
- IPv6
- MAC
- UUID (Supported by @S1ckB0y1337 & @MikeAngelowtt)
Supernova is written in Golang, a cross-platform language, enabling its use on both Windows and Linux systems.
You can use the precompiled binaries, or you can manually install Supernova by following the next steps:
- Clone the repository by executing the following command:
git clone https://github.com/nickvourd/Supernova.git
- Once the repository is cloned, navigate into the Supernova directory:
cd Supernova
- Install the third-party dependencies:
go mod download
- Build Supernova with the following command:
go build Supernova
ℹ️ Please refer to the Supernova Wiki for detailed usage instructions and examples of commands.
███████╗██╗ ██╗██████╗ ███████╗██████╗ ███╗ ██╗ ██████╗ ██╗ ██╗ █████╗
██╔════╝██║ ██║██╔══██╗██╔════╝██╔══██╗████╗ ██║██╔═══██╗██║ ██║██╔══██╗
███████╗██║ ██║██████╔╝█████╗ ██████╔╝██╔██╗ ██║██║ ██║██║ ██║███████║
╚════██║██║ ██║██╔═══╝ ██╔══╝ ██╔══██╗██║╚██╗██║██║ ██║╚██╗ ██╔╝██╔══██║
███████║╚██████╔╝██║ ███████╗██║ ██║██║ ╚████║╚██████╔╝ ╚████╔╝ ██║ ██║
╚══════╝ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═══╝ ╚═════╝ ╚═══╝ ╚═╝ ╚═╝
Supernova v2.1 - Real fucking shellcode encryptor & obfuscator tool.
Supernova is an open source tool licensed under MIT.
Written with <3 by @nickvourd, @Papadope9 and @0xvm.
Please visit https://github.com/nickvourd/Supernova for more...
Usage of Suprenova:
-debug
Enable Debug mode
-enc string
Shellcode encoding/encryption (i.e., ROT, XOR, RC4, AES, CHACHA20)
-input string
Path to a raw shellcode
-key int
Key length size for encryption (default 1)
-lang string
Programming language to translate the shellcode (i.e., Nim, Rust, C, CSharp, Go, Python, PowerShell, Perl, VBA, Ruby, Java, Raw)
-obf string
Shellcode obfuscation (i.e., IPV4, IPV6, MAC, UUID)
-output string
Name of the output shellcode file
-var string
Name of dynamic variable (default "shellcode")
-version
Show Supernova current version
- Caesar Cipher Wikipedia
- XOR Cipher Wikipedia
- RC4 Cipher Wikipedia
- AES Cipher Wikipedia
- ChaCha20-Poly1305 Wikipedia
- Block cipher mode of operation
- Sector7 Institute
- MalDev Academy
- OSEP-Code-Snippets GitHub by Chvancooten
- From the Front Lines | Hive Ransomware Deploys Novel IPfuscation Technique To Avoid Detection by SentinelOne
- Shellcode Obfuscation by Bordergate