BitterCandy is a Proof of Concept (POC) shellcode loader designed for educational purposes and research into static detection mechanisms. This project serves as a learning tool to understand how shellcode loaders work and how they can be detected by security solutions.
This project is intended for:
- Educational purposes in malware analysis and detection
- Research into static detection mechanisms
- Understanding shellcode execution techniques
- Learning about Windows API usage for process manipulation
This project is provided for EDUCATIONAL PURPOSES ONLY. The techniques demonstrated in this code should only be used in controlled environments for learning and research. Using this code for malicious purposes is strictly prohibited and may be illegal.
- Shellcode loading and execution
- Process manipulation capabilities
- Demonstrations of various Windows API techniques
- Educational examples of common shellcode execution patterns
This project demonstrates several techniques used to understand how security solutions detect malicious code:
- AMSI Bypass
  - Demonstrates how AMSI (Antimalware Scan Interface) works
  - Shows the importance of proper security implementation
- Shellcode Encryption
  - AES encryption implementation for shellcode
  - Understanding how encryption affects static detection
  - Learning about key and IV management
- Process Manipulation
  - Techniques for process creation and manipulation
  - Understanding Windows API usage patterns
  - Learning about process injection methods
- Static Detection Evasion
  - String obfuscation techniques
  - API call obfuscation
  - Understanding signature-based detection
These techniques are included solely for educational purposes to help security researchers and developers understand how to better protect their systems.
This project is intended to be used in a controlled environment for learning purposes. Before running any code:
- Ensure you have a proper development environment set up
- Use only in isolated testing environments
- Do not use against any systems without explicit permission
The author(s) of this project are not responsible for any misuse of this code. Users are responsible for ensuring they comply with all applicable laws and regulations when using this project.
Contributions for educational purposes are welcome. Please ensure any contributions align with the educational nature of this project.
This project is licensed for educational purposes only. All rights reserved.