ZigStrike
ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike includes a custom payload builder, allowing users to easily select and construct payloads via a web application built with Python.
Features (release 2.0)
- Multiple Injection Techniques:
  - Local Thread
  - Local Mapping
  - Remote Mapping
  - Remote Thread hijacking
  - EarlyCascade injection
- Anti-Sandbox Protection:
  - TPM Presence Check
  - Domain Join Check
  - Run-Time protection
- Output Formats:
  - XLL (Excel Add-in)
  - DLL
  - CPL
- Advanced Features:
  - Shellcode advanced allocation
  - Payload runtime protection, preventing emulation and sandbox dynamic analysis
  - Bypass common detection rules
- Front-end enhancement:
  - Added new page to view generated payloads
  - Detailed information for each created payload
  - Fixed Flask issue to support uploading large shellcode