New features & improvements

Author: Print3M

README.md

@@ -3,7 +3,7 @@
 > [!WARNING]
 > **Beta Testing Stage** – This repository is currently in beta. Expect bugs, incomplete features, and breaking changes. Use at your own risk.
 
-EPIC (*Extensible Position Independent Code*) – PIC shellcode development and building framework designed for developer experience, predictability, and modularity. *Write code, EPIC will take care of the rest!*
+EPIC (*Extensible Position Independent Code*) – PIC shellcode development and building toolkit designed for developer experience, predictability, and modularity. *Write code, EPIC will take care of the rest!*
 
 ![EPIC flow chart](_img/img-1.jpg)
 
@@ -43,7 +43,7 @@ epic init project/
 
 # 3. Compile PIC code
 mkdir output/
-epic pic-compile project/ -o output/ -m hello
+epic pic-compile project/ -o output/
 
 # 4. Link PIC code into standalone payload.bin
 epic pic-link output/ -o output/ -m hello
@@ -119,6 +119,7 @@ Compiles your project into a standard non-PIC executable (called a "monolith" in
 Flags:
 
 - `-o / --output <path>` [required] - Output path for the monolith executable.
+- `--gcc <string>` – Specify additional flags for GCC compilation (e.g. `--gcc '-DDEBUG -DMAX_ITEMS=12'`)
 
 ### Global flags
 
@@ -130,6 +131,7 @@ The following optional flags can be used with any command:
 - `--mingw-w64-objcopy <path>` – Specify path to MinGW-w64 objcopy.
 - `--no-banner` - Disable EPIC banner.
 - `--no-color` - Disable colored output.
+- `--version / -v` – Show EPIC version.
 
 ---
 
@@ -365,7 +367,7 @@ To work around this, I use the MinGW-w64 toolchain (`gcc`) with a custom linker
 
 ### Do I have to manually align the stack before calling Windows API?
 
-No, MinGW handles stack alignment automatically. However, you must mark every Windows API function with the `WINAPI` macro.
+No, MinGW handles stack alignment and required calling convention automatically. For x86_64 you can even omit the default `WINAPI` macro before the WinAPI function header. It’s harmless to include but not required for correctness.
 
 ### Why is the entry point called `__main_pic` and not simply `main()`?
 

cmd/monolith.go

@@ -4,6 +4,7 @@ import (
 	"epic/cli"
 	"epic/ctx"
 	"epic/logic"
+	"epic/utils"
 	"fmt"
 	"os"
 
@@ -12,6 +13,8 @@ import (
 
 var mc logic.MonolithCompiler
 
+var __mcGccFlags string
+
 var monolithCmd = &cobra.Command{
 	Use:   "monolith <path>",
 	Short: "Build monolithic executable from project",
@@ -20,6 +23,10 @@ var monolithCmd = &cobra.Command{
 	PreRunE: func(cmd *cobra.Command, args []string) error {
 		mc.ProjectPath = args[0]
 
+		if __mcGccFlags != "" {
+			mc.GccFlags = utils.StringToSlice(__mcGccFlags, " ")
+		}
+
 		if err := mc.ValidateProjectPath(); err != nil {
 			return err
 		}
@@ -54,6 +61,7 @@ func init() {
 	rootCmd.AddCommand(monolithCmd)
 
 	monolithCmd.Flags().StringVarP(&mc.OutputPath, "output", "o", "", "output path for generated executable (required)")
+	monolithCmd.Flags().StringVar(&__mcGccFlags, "gcc", "", "specify additional GCC flags")
 
 	// Mark required flags
 	if err := monolithCmd.MarkFlagRequired("output"); err != nil {

cmd/root.go

@@ -3,17 +3,25 @@ package cmd
 import (
 	"epic/cli"
 	"epic/ctx"
+	"fmt"
 	"os"
 
 	"github.com/spf13/cobra"
 )
 
+var __showVersion bool
+
 var rootCmd = &cobra.Command{
 	Use:     "epic",
 	Short:   "EPIC (Extensible Position Independent Code)",
 	Long:    `EPIC is a CLI tool for automating modular PIC implant development and building process.`,
 	Version: ctx.Version,
 	PersistentPreRun: func(cmd *cobra.Command, args []string) {
+		if __showVersion {
+			fmt.Printf("EPIC %s\n", ctx.Version)
+			os.Exit(0)
+		}
+
 		if ctx.NoColor {
 			cli.DisableColors()
 		}
@@ -39,6 +47,7 @@ func init() {
 	rootCmd.PersistentFlags().BoolVar(&ctx.Debug, "debug", false, "enable debug mode")
 	rootCmd.PersistentFlags().BoolVar(&ctx.NoColor, "no-color", false, "disable colored output")
 	rootCmd.PersistentFlags().BoolVar(&ctx.NoBanner, "no-banner", false, "disable EPIC banner")
+	rootCmd.PersistentFlags().BoolVarP(&__showVersion, "version", "v", false, "show EPIC version")
 	rootCmd.PersistentFlags().StringVar(&ctx.MingwGccPath, "mingw-w64-gcc", "", "path to MinGW-w64 GCC")
 	rootCmd.PersistentFlags().StringVar(&ctx.MingwLdPath, "mingw-w64-ld", "", "path to MinGW-w64 ld")
 	rootCmd.PersistentFlags().StringVar(&ctx.MingwObjcopyPath, "mingw-w64-objcopy", "", "path to MinGW-w64 objcopy")

ctx/ctx.go

@@ -4,7 +4,7 @@ var (
 	NoColor          bool
 	NoBanner         bool
 	Debug            bool
-	Version          string
+	Version          string = "1.0.0"
 	MingwGccPath     string
 	MingwObjcopyPath string
 	MingwLdPath      string

logic/MonolithCompiler.go

@@ -11,6 +11,7 @@ import (
 type MonolithCompiler struct {
 	ProjectPath string
 	OutputPath  string
+	GccFlags    []string
 }
 
 func (mc *MonolithCompiler) ValidateProjectPath() error {
@@ -72,6 +73,11 @@ func (mc *MonolithCompiler) Run() {
 		"-I", filepath.Join(mc.ProjectPath, "include"),
 		"-I", mc.ProjectPath,
 	}
+
+	if len(mc.GccFlags) > 0 {
+		params = append(params, mc.GccFlags...)
+	}
+
 	params = append(params, sourceFiles...)
 
 	output := utils.MingwGcc(params...)

logic/init-template/README.md

@@ -10,7 +10,5 @@
 #include <epic.h>
 #include <win32/windows.h>
 
-#define MAX_DLL_NAME_SIZE 256
-
 HMODULE GetDllFromMemory(const wchar_t* name);
 void* GetProcAddr(HMODULE dll, const char* funcName);

logic/init-template/core/pebwalker.h

@@ -0,0 +1,19 @@
+// EPIC (Extensible Position Independent Code)
+//
+// Source: github.com/Print3M/epic
+// Author: Print3M
+//
+#pragma once
+
+#define _In_
+#define _In_opt_
+#define _Out_
+#define _Out_opt_
+#define _Inout_
+#define _Inout_opt_
+#define _Outptr_
+#define _Outptr_opt_
+#define _Reserved_
+#define _In_reads_(size)
+#define _Out_writes_(size)
+#define _Out_writes_bytes_(size)

logic/init-template/include/win32/sal.h

@@ -5,4 +5,5 @@
 //
 #pragma once
 #include "wintypes.h"
-#include "winternl.h"
+#include "winternl.h"
+#include "sal.h"

logic/init-template/include/win32/windows.h

@@ -10,31 +10,31 @@
 
 #define SW_SHOWNORMAL 0x1
 
-typedef UINT(WINAPI* WinExecPtr)(LPCSTR lpCmdLine, UINT uCmdShow);
-typedef HMODULE(WINAPI* LoadLibraryAPtr)(LPCSTR lpLibFileName);
-typedef INT(WINAPI* MessageBoxAPtr)(HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType);
+typedef UINT (*WinExecPtr)(LPCSTR lpCmdLine, UINT uCmdShow);
+typedef HMODULE (*LoadLibraryAPtr)(LPCSTR lpLibFileName);
+typedef INT (*MessageBoxAPtr)(HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType);
 
 namespace hello {
 
 void calc() {
-    auto kernel32 = GetDllFromMemory(L"KERNEL32.DLL");
-    auto WinExec  = (WinExecPtr)GetProcAddr(kernel32, "WinExec");
+  auto kernel32 = GetDllFromMemory(L"KERNEL32.DLL");
+  auto WinExec = (WinExecPtr)GetProcAddr(kernel32, "WinExec");
 
-    WinExec("calc.exe", SW_SHOWNORMAL);
+  WinExec("calc.exe", SW_SHOWNORMAL);
 }
 
-void message(const char* msg) {
-    auto kernel32     = GetDllFromMemory(L"KERNEL32.DLL");
-    auto LoadLibraryA = (LoadLibraryAPtr)GetProcAddr(kernel32, "LoadLibraryA");
+void message(const char *msg) {
+  auto kernel32 = GetDllFromMemory(L"KERNEL32.DLL");
+  auto LoadLibraryA = (LoadLibraryAPtr)GetProcAddr(kernel32, "LoadLibraryA");
 
-    auto user32 = LoadLibraryA("user32.dll");
-    if (user32) {
-        auto MessageBoxA = (MessageBoxAPtr)GetProcAddr(user32, "MessageBoxA");
+  auto user32 = LoadLibraryA("user32.dll");
+  if (user32) {
+    auto MessageBoxA = (MessageBoxAPtr)GetProcAddr(user32, "MessageBoxA");
 
-        if (MessageBoxA) {
-            MessageBoxA(NULL, msg, "EPIC", 0);
-        }
+    if (MessageBoxA) {
+      MessageBoxA(NULL, msg, "EPIC", 0);
     }
+  }
 }
 
-}  // namespace hello
+} // namespace hello