This current version might contains some bugs here and there!, therefore, I am hard at work testing a new version of this tool 🛠️
Once everything checks out, it’ll be released for everyone to use.
Thanks for hanging tight! ⏳
ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike includes a custom payload builder, allowing users to easily select and construct payloads via a web application built with Python.
-
Multiple Injection Techniques:
- Local Thread
- Local Mapping
- Remote Mapping
- Remote Thread hijacking
- EarlyCascade injection
-
Anti-Sandbox Protection:
- TPM Presence Check.
- Domain Join Check.
- Run-Time protection.
-
Output Formats:
- XLL (Excel Add-in)
- DLL
- CPL
-
Advanced Features:
- Shellcode advanced allocation.
- Payload Runtime protection; preventing emulation and sandbox dynamic anaylsis.
- Bypass common detection rules.
- Front-end enhancement:
- Added new page to view generated payloads.
- Detailed information for each created payload.
- Fix flask issue to support uploading large shellcode.
- Zig 0.15.2 only
- Ubuntu / Debian
- Python 3.x (for the web interface)
- Flask
git clone https://github.com/0xsp-SRD/ZigStrike/
cd ZigStrike/App/
python3 App.py
If you encounter any bugs or issues while using ZigStrike, please report them by opening an issue in the Issues section of this repository. When reporting, please include detailed information about the problem, steps to reproduce it, and any relevant logs or screenshots. This will help us address the issue more efficiently.
If you find ZigStrike useful and would like to support its development, consider buying me a coffee! Your support is greatly appreciated and helps maintain and improve the project. You can make a donation through Buy Me a Coffee.https://buymeacoffee.com/zux0x3a