I released the ZigStrike toolkit last year, and it is still under heavy development. I decided to code in Zig, which I believe is the next C successor. ZigStrike is designed to assist Offsec in their operations by converting shellcode into a portable extension (DLL/XLL/CPL) that can be used to execute the shellcode. ZigStrike offers several features and powerful options, with frequent updates.
Link : https://github.com/0xsp-SRD/zigStrike/
Features ( release 2.0 )
- Multiple Injection Techniques:
  - Local Thread
  - Local Mapping
  - Remote Mapping
  - Remote Thread hijacking
  - EarlyCascade injection
- Anti-Sandbox Protection:
  - TPM Presence Check.
  - Domain Join Check.
  - Run-Time protection.
- Output Formats:
  - XLL (Excel Add-in)
  - DLL
  - CPL
- Advanced Features:
  - Shellcode advanced allocation.
  - Payload runtime protection, preventing emulation and sandbox dynamic analysis.
  - Bypass common detection rules.
- Front-end enhancement:
  - Added new page to view generated payloads.
  - Detailed information for each created payload.
  - Fixed Flask issue to support uploading large shellcode.
- Zig 0.14.0
- Ubuntu / Debian
- Python 3.x (for the web interface) with Flask