shellcode-loader-generate

Fail

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: HIGH
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to perform cross-compilation of generated C, C++, and Rust source code into executable binaries. It specifically utilizes tools such as x86_64-w64-mingw32-gcc, x86_64-w64-mingw32-g++, and cargo with the x86_64-pc-windows-gnu target.
  • [REMOTE_CODE_EXECUTION]: The core functionality of the skill is the generation of code that executes arbitrary, externally-supplied binary payloads (shellcode). It provides templates for various execution techniques including direct function pointer calls, CreateThread, APC injection, Fibers, and undocumented native APIs like NtCreateThreadEx and RtlCreateUserThread to bypass security monitoring.
  • [EXTERNAL_DOWNLOADS]: The skill includes components and logic designed to fetch shellcode payloads from remote URLs using Windows-specific networking APIs such as WinHttpOpen, WinHttpSendRequest, InternetOpenA, and HttpSendRequestA.
  • [DYNAMIC_EXECUTION]: The skill generates source code that allocates memory with PAGE_EXECUTE_READWRITE (RWX) permissions and executes dynamic content. It facilitates techniques like Process Hollowing (SetThreadContext), Module Stomping, and Thread Hijacking, which are characteristic of sophisticated malware loaders.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 22, 2026, 10:08 AM