25.9.12
This website uses cookies to ensure you get the best experience on our website. Learn more
Blackhat logoBlackhat logo
Black Hat

Windows Shellcoding Techniques [2126]

Johann Baresch

Shellcoding is a crucial aspect of payload development and post exploitation red-team tooling. Functionality such as exploit payloads, inline hooks, trampolines, loader stubs, decoders, decompressors, deobfuscators, entropy control, signature evasion typically involve shellcode. Custom shellcode enables a red-teamer to evade signature-based detection that detect off-the-shelf shellcode from tools like metasploit/MSFvenom.

This class is more than just a tutorial on using assembly language; it provides a holistic coverage of code execution outside the scaffolding provided by PE files, along with Windows facilities that can be leveraged to achieve that. It builds standalone core capabilities that can be readily deployed in various red-teaming scenarios.

The focus of this class is the x64 CPU and the Windows platform. The hands-on labs are based on user-mode shellcoding, but most techniques are also applicable to kernel-mode shellcode. All labs are performed on Windows 11 23H2.

Skills / Knowledge

  • PenTesting
  • Malware

Issued on

April 2, 2025

Expires on

Does not expire
Job Insights

These are the most common job titles and employers with the most open positions related to this credential.

Showing results for United States.

Top job titles related to this credential
0 0 10 10 20 20 Percentage QUALYS ADMINISTRATOR QUALYS ADMINISTRATOR CYBER INFRASTRUCTURE SUPPORT SPECIALIST - LAW ENFORCEMENT CYBER INFRASTRUCTURE SUPPORT SPECIALIST - LAW ENFORCEMENT CYBER SECURITY ANALYST TIER III CYBER SECURITY ANALYST TIER III
0 0 5 5 10 10 15 15 20 20 25 25 Percentage
Legend
  • QUALYS ADMINISTRATOR
  • CYBER INFRASTRUCTURE SUPPORT SPECIALIST - LAW ENFORCEMENT
  • CYBER SECURITY ANALYST TIER III