Need help with Go4aRun?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

181 Stars 22 Forks BSD 3-Clause "New" or "Revised" License 17 Commits 0 Opened issues


Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process

Services available


Need anything else?

Contributors list

No Data



  1. Change the desired passphrase used in encryption in hideit.go and Go4it.go
  2. Change the behavior options in Go4it.go
    • Change block dll behavior: between "not allowing non-MS" and "only store" through nonms and onlystore variables
    • Change parentName variable to change spoofed parent
    • Change programPath variable to change process launched by parent which shellcode will inject into
    • Change creationFlags to change launch behavior of programPath variable
    • Select a Process Injection Method by comment/uncommenting the sections CreateRemoteThread or QueueUserAPC
  3. Run hideit (either build or go run) and select the raw shellcode file
  4. The script should save the encrypted shellcode in the shelly.go file in pkg/shelly (if not move manually to pkg/shelly)
  5. Build Go4it.go (e.g: GOOS=windows GOARCH=amd64 go build -ldflags="-H=windowsgui -s -w" Go4it.go)
  6. Compress: upx --brute Go4it.exe
  7. Run through DefenderCheck (

Related Blog Posts:


References/ Resources:


We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.