I, Javantea at AltSci Concepts have done a reasonable amount of work in shellcode. I've written a virus, reverse engineered binaries, and exploited simple programs. All of these projects have been or will be featured in this very journal. But putting aside the interesting uses of assembly the obvious conclusion to every project I've done in assembly is: this ought to be done in C. Not unexpected that I have now written a full framework to write shellcode using the C language. It doesn't support stdlib functions, but it may soon. It generates very large shellcode and definitely doesn't do anything fancy like xor encoding or null removal, but all that is pretty immaterial. C code allows us to write complex code knowing that it will work and call functions that are large knowing what every line does.
The method I use to do this is simple. I compile the code into a binary without stdlib (-nostdlib) and using position independent code (-fPIC). Then I have an automated script that grabs .text and .rodata from the binary and outputs them to a binary file that is the shellcode.
make s-proc -e ashash1_shell2.bin ashash1 ashash1_shell2 s-proc -p ashash1_shell2.bin make disassemble less README