We have recently been on a new shellcode kick, but this time it's not about making them smaller. We're currently working on building very powerful new post-exploitation shellcode and toolkits, and a very powerful unified API to expose their functionality. This will allow us to diverge from pre-canned payloads, which will in turn allow users to quickly build powerful and portable post-exploitation tools. We have built strongly upon our Windows DLL injection, and are working on extending similar functionality to the land of Unix. We're also working hard on the next version of Metasploit, which follows this same philosophy of embedability and extensibility, allowing users to build their own tools on top of our framework. Our previous work was all about exploit frameworks. In our new approach we are really building more of a hacker tool framework, allowing very strong automation and customization.