| Features | Shellter Free | Shellter Pro | Shellter Pro Plus |
|---|---|---|---|
| Basic Polymorphism | Y | Y | Y |
| Basic Encoding | Y | Y | Y |
| Basic User-Defined Encoding Sequence | Y | Y | Y |
| Dynamic Thread Context Key (Experimental) | Y | Y | Y |
| IAT Handlers | Y | Y | Y |
| MSF Compatible Stagers | Y | Y | Y |
| Custom Payload Support | Y | Y | Y |
| Reflective DLL Payloads Support | Y | Y | Y |
| Preserve target PE Functionality (Stealth Mode) | Y | Y | Y |
| 32-bit PE (.exe) support | Y | Y | Y |
| 32-bit PE (.dll) support | Y | Y | |
| 64-bit PEs (.exe, .dll) support | Y | Y | |
| PE Target Compatibility Check | Y | Y | |
| Graphical User Interface | Y | Y | |
| Standalone Encoder | Y | Y | |
| Advanced Polymorphism | Y | Y | |
| Enhanced Anti-AV Signature Technology | Y | Y | |
| Advanced Multi-Layered Encoding | Y | Y | |
| Advanced User-Defined Encoding Sequence | Y | Y | |
| PE Target Size Increase for AV Pre-Filter Evasion | Y | Y | |
| Extra Built-In MSF Compatible Stagers | Y | Y | |
| Multi-Payload Chaining | Y | Y | |
| Advanced Stealth Mode Reliability support | Y | Y | |
| Execution Flow Data Files | Y | Y | |
| Execution Flow Tracing Using Target PE-Specific Arguments | Y | Y | |
| MSF Console Scripts Generator (Applies to embedded stagers) | Y | Y | |
| CertPlay (Restore/Replace/Add Certificates In PE targets ) | Y | Y | |
| Large Payloads Support | Y | Y | |
| PE target Relocations Support (Dynamic Image Base) | Y | Y | |
| MSF5/6 Compatible Embedded Stagers | Y | Y | |
| Advanced Debugger Detection (KM + UM) (Payloads won’t fire if detected. Can be combined with ‘Decoy Payloads’ feature to conceal real functionalities and/or tamper with automated sandbox analysis results.) | Y | ||
| Advanced VM/Sandbox Detection (Type 1 + Type 2 Hypervisors) (Payloads won’t fire if detected. Can be combined with ‘Decoy Payloads’ feature to conceal real functionalities and/or tamper with automated sandbox analysis results.) | Y | ||
| Decoy Payloads (Execute if DBG/VM are detected. See above.) | Y | ||
| Advanced Self-Unhooking | Y | ||
| Advanced Heuristic Unlinking of AV/EDR Modules | Y | ||
| Advanced Native Imports Redirection For Loaded Modules | Y | ||
| Advanced Direct SysCalls-Based Runtime Evasion | Y | ||
| Advanced Stealth Payload Thread Creation (Applies to the main thread of the payload) | Y | ||
| Advanced Self-Process and Payload Threads Protection | Y | ||
| Advanced ETW Evasion (Applies to the process executing your payload) | Y | ||
| Advanced AMSI Evasion (Applies to the process executing your payload) | Y | ||
| AES-128 Payload Encryption (Embedded + Network fetched keys) | Y | ||
| Ambush Payload Execution (Keeps payloads in hibernation until a specified benign DLL is loaded by the process) | Y | ||
| Anti-DLL Load Monitoring (Removes user-mode callbacks registered to monitor DLL modules loading events) | Y | ||
| Dynamic checks of newly loaded modules against hooks and other artefacts. (Intercepts module load events in real time) | Y | ||
| TBA | Y |
Disclaimer
We do not support nor condone criminal activities in any shape or form.
This software is offered with the sole purpose to assist ethical hackers in their daily jobs during Penetration Testing and/or Red Team engagements. The author of this software and INSAINTED LTD assume no responsibility for any unlawful actions taken and any damages caused by using this software.