2018-03-17 14:07 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0004412Kali Linux[All Projects] New Tool Requestspublic2018-02-21 09:35
Assigned To 
Product Version 
Target VersionFixed in Version 
Summary0004412: Sickle - Shellcode development tool
DescriptionSickle is a shellcode development tool, created to speed up the various steps needed to create functioning shellcode. Aids the developer in eliminating bad characters, formatting output in various languages, executing shellcode in both Windows and Linux environments, comparing reversed shellcode to original, and disassembling shellcode into assembly language (ARM, x86, etc).
Steps To Reproducegit clone https://github.com/wetw0rk/Sickle.git

cd Sickle/

apt-get install python3-pip

pip3 install capstone

chmod +x sickle.py && cp sickle.py /usr/bin/sickle

Additional InformationWritten in Python 3, and only dependency required to run is capstone (for disassembly).
Attached Files




threeway (developer)

is the version of capstone that we have in Kali not new enough for sickle?


wetw0rk (reporter)

After checking you are correct, the version currently installed in Kali will work perfectly. I made a couple changes, and verified sickle worked properly on a fresh Kali 2017.3 install.


wetw0rk (reporter)

Pushed some changes to the sickle. Thank you for your time.


g0tmi1k (administrator)

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will for us):

- [Name] - The name of the tool
- [Version] - What version of the tool should be added?
--- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
- [Homepage] - Where can the tool be found online? Where to go to get more information?
- [Download] - Where to go to get the tool?
- [Author] - Who made the tool?
- [Licence] - How is the software distributed? What conditions does it come with?
- [Description] - What is the tool about? What does it do?
- [Dependencies] - What is needed for the tool to work?
- [Similar tools] - What other tools are out there?
- [How to install] - How do you compile it?
- [How to use] - What are some basic commands/functions to demonstrate it?


wetw0rk (reporter)

Absolutely, if there’s any other information that would help let me know. Below is the
requested info:

-[Name] - Sickle

-[Version] - 1.4

-[Homepage] - https://github.com/wetw0rk/Sickle

-[Download] - https://github.com/wetw0rk/Sickle.git

-[Author] - Milton Valencia (wetw0rk)

-[License] - MIT License

-[Description] - Sickle is a shellcode development tool created to speed up the various steps
                    needed to create functioning shellcode. Sickle aids the developer in:
                    identification of bad characters, formatting in multiple languages (python,
                    perl, powershell, etc), executing shellcode in both Linux and Windows environments,
                    comparing reversed shellcode to original, and disassemble shellcode into various
                    architectures (ARM-THUMB, x86-32, x86-64, etc).

-[Dependencies] - capstone (If used within Kali the existing version of capstone works out of the
                    box. Otherwise it’s recommended to install via pip3 `pip3 install capstone`)

-[Similar tools] - msfvenom, ndisasm, shellnoob

-[How to install] - git clone https://github.com/wetw0rk/Sickle.git
                    cd Sickle/ && chmod +x sickle.py && cp sickle.py /usr/bin/sickle
                    echo “Sickle installed!”

-[How to use] - Identification of instructions what result bad characters:
                        sickle -r shellcode -f python -v jumpcode -b "\x00" -c
                    Running shellcode (Sickle detects if Windows or Linux):
                        sickle -r shellcode -rs
                    Comparing shellcode:
                        sickle -r <my reverse shell> -e <original reverse shell>
                    Disassembly of shellcode (x86-64):
                        sickle -r reverse-shell -d -a x86 -m 64
                    Asciinema example:

I also went ahead and added screenshots.


wetw0rk (reporter)

I went ahead and added a git tag as well: https://github.com/wetw0rk/Sickle/releases/tag/v1.4



wetw0rk (reporter)

@g0tmi1k I recently released v1.5 the git tag is here:


The only notable change is the compare function.


-Issue History
Date Modified Username Field Change
2017-12-06 06:14 wetw0rk New Issue
2017-12-09 04:24 threeway Note Added: 0007674
2017-12-09 07:40 wetw0rk Note Added: 0007675
2017-12-11 07:45 wetw0rk Note Added: 0007680
2018-01-26 11:46 g0tmi1k Summary Shellcode development tool => Sickle - Shellcode development tool
2018-01-29 15:13 g0tmi1k Note Added: 0008471
2018-01-29 18:10 wetw0rk File Added: example.png
2018-01-29 18:10 wetw0rk Note Added: 0008548
2018-01-29 23:05 wetw0rk Note Added: 0008557
2018-02-12 00:26 wetw0rk Note Added: 0008654
2018-02-12 00:28 wetw0rk File Added: compare.png
2018-02-12 00:28 wetw0rk File Added: dissemble.png
2018-02-21 09:35 g0tmi1k Product Version 2017.3 =>
+Issue History