🐚 Custom Shellcode Generator

What is it?

A web-based shellcode assembly workbench for security researchers and exploit developers. You write (or paste) x86 or x64 assembly instructions, and the tool assembles them on the fly using the Keystone engine in a Python backend — giving you raw shellcode bytes with instant feedback.

It goes beyond a simple assembler: every output byte is automatically scanned against a configurable bad character list, with offending bytes highlighted in red so you can spot problems before your shellcode hits a target process.

Key Features

• Live x86/x64 assembly → shellcode byte conversion via Keystone
• Automatic bad character detection with colored hex dump output
• Configurable bad char list (defaults to 0x00, add more as needed)
• Python-formatted output (bytes([...])) with inline /*BAD*/ markers for non-ANSI terminals
• Built-in template database — common payloads ready to use as a starting point
• Dark-themed browser UI, no installation needed by end users

Who is it for?

Exploit developers and security researchers doing Windows/Linux userland exploitation, CTF players writing custom shellcode stages, and anyone who regularly needs to iterate on shellcode and check for bad bytes without running the full exploit each time.

Tech Stack

• Backend: Python 3 + Keystone assembler library
• Frontend: Vanilla HTML/CSS/JS — no frameworks
• Payload DB: Database.py — extensible dictionary of named shellcode templates