ZigStrike
ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions. ZigStrike includes a custom payload builder, allowing users to easily select and construct payloads via a web application built with Python.
Features ( release 2.0 )
- Multiple Injection Techniques:
- Local Thread
- Local Mapping
- Remote Mapping
- Remote Thread hijacking
- EarlyCascade injection
- Anti-Sandbox Protection:
- TPM Presence Check.
- Domain Join Check.
- Run-Time protection.
- Output Formats:
- XLL (Excel Add-in)
- DLL
- CPL
- Advanced Features:
- Shellcode advanced allocation.
- Payload Runtime protection; preventing emulation and sandbox dynamic anaylsis.
- Bypass common detection rules.
- Front-end enhancement:
- Added new page to view generated payloads.
- Detailed information for each created payload.
- Fix flask issue to support uploading large shellcode.
