zachriggle
commented
3 years ago There's a REALLY old branch of Pwntools (c.a. v2) that added a lot of support for Windows things, including shellcraft and a position-independent PE loader shell code.
I'll have to dig it up some time, but I'm not sure where it's gotten off to. All of this was for CSAW CTF around 2016 or 2017.
Some of the code made it into Pwntools (and is the reason for most of the complexity in pwnlib.abi and some of the pwnlib.rop functionality) but not even close to most of it.
This is just a brave idea, but could be quite useful. Pwntools has quite never allowed for attacking NT (or other non-posix) targets, and (though becoming less and less common) they can still be encountered in the wild, even on CTFs. Metasploit has ready shellcodes for many uncommon targets, so could be fun to be able to use some features when metasploit is found installed (like on Kali linux).
These are two totally different things, but I think that idea is just worth noting.