Next scheduled date: January 23rd, 2026 @ 12:00 PM EST
Description
Join Faan Rossouw for this workshop where you’ll build a Reflective Shellcode Loader for Command and Control (C2) operations. He will use Go (Golang), a powerful and beginner-friendly language, to engineer a complete command handling system on top of a baseline C2 framework (provided). You’ll then integrate a custom reflective loader, capable of sophisticated command queuing and in-memory shellcode execution. By the end, you’ll not only have implemented a functional reflective shellcode loader as a primary use case, but you’ll possess the reusable, extensible architecture needed to implement any command type in the future.
Designed for beginners in security with basic programming and networking experience, this course helps solidify your skills in a practical, security-focused context. Explore both offensive and defensive insights into one of the most critical aspects of modern compromises – C2.
Let’s turn theory into action and create something impactful together!
This course is designed to be accessible without requiring hardware. Here's what you'll need to participate:
CPU: A modern dual-core processor is the minimum requirement, though a quad-core processor will provide a smoother experience when running multiple applications simultaneously (IDE, server, agent, and other tools).
RAM: 8GB of RAM is the recommended minimum. This will comfortably support our development environment without excessive slowdowns.
Storage: Please ensure you have at least 50GB of free disk space. This will accommodate the operating system, development tools, and our project files, and allow room for additional resources and documentation.
GPU: No specialized graphics hardware is required for this course.
Labs/VMs/Github
Operating System: The course materials work across Windows, macOS, and Linux. A Windows environment is required to test the shellcode execution at the end of the workshop. The ideal would be to have a separate VM with Windows Defender completely disabled; however, if you are using Windows as the baseline system for development, it could also be used. A complete and detailed setup guide will be provided in advance.
Integrated Development Environment (IDE): You're welcome to use any IDE or text editor you're comfortable with, as long as it has support for Go development. I'll be using GoLand throughout the course. If you prefer a free alternative, Visual Studio Code with Go extensions is pretty good (most of the time), and I'll provide a setup guide for it. Other options like Helix, Neovim, or Sublime Text are perfectly fine if you're already familiar with them.
Required Software:
Go programming language (latest stable version)
curl command-line tool
IDE of your choice (see above)
Syllabus
Part A: Foundation – Lecture
Welcome to the Workshop
Review of the Starting Code
What We’ll Be Creating
Part B: Client <-> Server Integration – Lab
Implement Command Endpoint
Validate Command Existence
Validate Command Arguments
Process Command Arguments
Part C: Server <-> Agent Integration – Lab
Queue Commands
Dequeue and Send Commands to Agent
Part D: Agent Command Execution System – Lab
Create Agent Command Execution Framework
Implement Shellcode Orchestrator
Create Shellcode Doer Interface and Implementations
This course is ideal for network security professionals or enthusiasts who have completed a basic introductory programming course and possess foundational networking knowledge. If you’re eager to apply your skills in a hands-on project, this is the perfect opportunity.
Though we will be creating an offensive tool, this workshop is equally relevant to cyber defenders. By learning how C2 frameworks are designed, defenders can develop more effective detection strategies focused on communication patterns, protocol anomalies, and behavioral indicators.
Further, the broader skills developed in this course are all universally applicable and could just as easily be applied to projects with defensive goals in mind. Though we create an offensive tool, the core foundational skills we use are valuable across both offensive and defensive security domains.
Since definitions of “beginner” and “intermediate” can vary, let me clarify: This workshop is designed for those who have some familiarity with basic programming syntax (it doesn’t have to be Go) and fundamental networking concepts (IP, HTTP, OSI model, etc.). You might not feel fully confident in your understanding regarding these concepts yet, but you’re ready to take the next step and level up your skills.
I’m a researcher at Active Countermeasures who ponders one specific question: how to detect C2 frameworks. I approach this problem using a network threat hunting perspective, using Zeek and custom Python tools to detect C2 communication through statistical and fingerprinting techniques. I also build C2 emulation tools in Go, exploring both defensive and offensive perspectives. I’m passionate about teaching, having taught across a range of diverse topics, including malware development.
Workshop: Build a Reflective Shellcode Loader C2 in Golang