{"id":14990758,"url":"https://github.com/darkr4y/offensivezig","last_synced_at":"2025-04-09T15:07:55.216Z","repository":{"id":43304472,"uuid":"315242978","full_name":"darkr4y/OffensiveZig","owner":"darkr4y","description":"Some attempts at using Zig(https://ziglang.org/) in penetration testing.","archived":false,"fork":false,"pushed_at":"2024-07-11T11:34:06.000Z","size":40,"stargazers_count":234,"open_issues_count":1,"forks_count":16,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-04-09T15:07:43.783Z","etag":null,"topics":["nim","zig"],"latest_commit_sha":null,"homepage":"","language":"Zig","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/darkr4y.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-23T08:09:06.000Z","updated_at":"2025-03-31T03:25:43.000Z","dependencies_parsed_at":"2024-09-24T16:04:22.472Z","dependency_job_id":"f396a591-0efd-480f-8fd0-0bb038ba9a19","html_url":"https://github.com/darkr4y/OffensiveZig","commit_stats":{"total_commits":11,"total_committers":3,"mean_commits":"3.6666666666666665","dds":"0.36363636363636365","last_synced_commit":"c781906c686ed26cfbb67985dba5c0d8129036ca"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/darkr4y%2FOffensiveZig","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/darkr4y%2FOffensiveZig/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/darkr4y%2FOffensiveZig/releases","manifests_url":"https:/
/repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/darkr4y%2FOffensiveZig/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/darkr4y","download_url":"https://codeload.github.com/darkr4y/OffensiveZig/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248055284,"owners_count":21040157,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["nim","zig"],"created_at":"2024-09-24T14:20:46.209Z","updated_at":"2025-04-09T15:07:55.189Z","avatar_url":"https://github.com/darkr4y.png","language":"Zig","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n    \u003cimg height=\"300\" alt=\"OffensiveZig\" src=\"https://github.com/darkr4y/OffensiveZig/assets/24826851/c572ec29-cddc-4c87-80ba-fa37d540d14e\"\u003e\n\u003c/p\u003e\n\n# OffensiveZig\n\nThe purpose of this project is to do some experiments with [Zig](https://ziglang.org/), and to explore the possibility of using it for implant development and general offensive operations. 
It is inspired by [@byt3bl33d3r](https://twitter.com/byt3bl33d3r)'s project \"[OffensiveNim](https://github.com/byt3bl33d3r/OffensiveNim)\".\n\n\n## Table of Contents\n\n- [OffensiveZig](#offensivezig)\n  - [Table of Contents](#table-of-contents)\n  - [Why Zig?](#why-zig)\n  - [Try to Learn Zig in Y minutes](#try-to-learn-zig-in-y-minutes)\n  - [How to play](#how-to-play)\n  - [Cross Compiling](#cross-compiling)\n  - [Interfacing with C/C++](#interfacing-with-cc)\n  - [Creating Windows DLLs with an exported `DllMain`](#creating-windows-dlls-with-an-exported-dllmain)\n  - [Optimizing executables for size](#optimizing-executables-for-size)\n  - [Opsec Considerations](#opsec-considerations)\n  - [Converting C code to Zig](#converting-c-code-to-zig)\n  - [Language Bridges](#language-bridges)\n  - [Debugging](#debugging)\n  - [Setting up a dev environment](#setting-up-a-dev-environment)\n  - [Interesting Zig libraries](#interesting-zig-libraries)\n  - [Zig for implant dev links](#zig-for-implant-dev-links)\n  - [Comparison of Zig and Nim](#comparison-of-zig-and-nim)\n  - [Summary](#summary)\n  - [Contributors](#contributors)\n\n## Why Zig?\n\n- The Zig toolchain offers the capability to cross-compile C/C++ projects using commands like *zig cc* or *zig c++*. 
This functionality allows you to efficiently utilize the Zig toolchain for building your pre-existing C/C++ projects.\n- Zig operates without relying on a VM/runtime, and the static executable is super small.\n- Zig boasts a minimal Rust-like syntax while retaining the simplicity of C, enabling swift development of native payloads and prototypes.\n- Zig offers seamless integration with C libraries without the need for Foreign Function Interface (FFI) bindings.\n- Zig emphasizes manual memory management and transparent control flow, avoiding hidden complexities.\n- Zig excels in facilitating cross-compilation without the need for a separate \"cross toolchain,\" and can build for various targets listed [here](https://ziglang.org/documentation/master/#Targets).\n- Compiling to WebAssembly and interacting with JavaScript code within a browser is relatively straightforward in Zig; see [here](https://ziglang.org/documentation/master/#WebAssembly).\n- The [community](https://github.com/ziglang/zig/wiki/Community) is known for its approachability, friendliness, and high level of activity. The Zig [Discord](https://discord.gg/zig) server serves as a valuable platform for asking questions and staying informed about the latest developments within the language.\n\n## Try to Learn Zig in Y minutes\n\nIf you're eager to learn Zig quickly and effectively, there's a wealth of resources to aid your journey. For a rapid grasp of Zig's syntax and concepts, you can dive into the [Learn Zig in Y Minutes guide](https://learnxinyminutes.com/docs/zig/). To delve deeper into Zig's intricacies, explore the official documentation for various Zig versions [here](https://ziglang.org/documentation/master/). 
Engage with the vibrant Zig community through [Ziggit](https://ziggit.dev/).\n\n## How to play\n\n**Examples in this project**\n\n| File | Description |\n| ---  | --- |\n| `keylogger_bin.zig` | Keylogger using `SetWindowsHookEx` |\n| `pop_bin.zig` | Call `MessageBox` WinAPI *without* using a 3rd-party library |\n| `pop_lib.zig` | Example of creating a Windows DLL with an exported `DllMain` |  \n| `shellcode_bin.zig` | Creates a suspended process and injects shellcode with `VirtualAllocEx`/`CreateRemoteThread`. | \n| `suspended_thread_injection.nim` | Shellcode execution via suspended thread injection |\n\nI recommend downloading Zig for different CPU architectures directly from Zig's official download page, available at https://ziglang.org/download/. In certain cases within this project, third-party libraries are employed.\n\n## Cross Compiling\n\nSee the cross-compilation section in the [Zig compiler usage guide](https://ziglang.org/learn/overview/#cross-compiling-is-a-first-class-use-case) for a lot more details.\n\nCross compiling to Windows from macOS/Nix: `zig build-exe -target x86_64-windows src.zig`\n\n## Interfacing with C/C++\n\nExplore the remarkable [Integration with C](https://ziglang.org/learn/overview/#integration-with-c-libraries-without-ffibindings) section in the Zig documentation.\n\nHere's a `MessageBox` example:\n\n```zig\nconst std = @import(\"std\");\nconst win = std.os.windows;\nconst user32 = win.user32;\n\nconst WINAPI = win.WINAPI;\nconst HWND = win.HWND;\nconst LPCSTR = win.LPCSTR;\nconst UINT = win.UINT;\n\n\nextern \"user32\" fn MessageBoxA(hWnd: ?HWND, lpText: LPCSTR, lpCaption: LPCSTR, uType: UINT) callconv(WINAPI) i32;\n\npub fn main() void {\n    _ = MessageBoxA(null, \"Hello World!\", \"Zig\", 0);\n}\n```\n\n## Creating Windows DLLs with an exported `DllMain`\n\nAs you can see, the code in the example is already very close to what C code looks like; just use the `export` keyword.\n\nExample:\n\n```zig\nconst std = 
@import(\"std\");\nconst win = std.os.windows;\n\nconst WINAPI = win.WINAPI;\nconst HINSTANCE = win.HINSTANCE;\nconst DWORD = win.DWORD;\nconst LPVOID = win.LPVOID;\nconst BOOL = win.BOOL;\nconst HWND = win.HWND;\nconst LPCSTR = win.LPCSTR;\nconst UINT = win.UINT;\n\nconst DLL_PROCESS_ATTACH: DWORD = 1;\nconst DLL_THREAD_ATTACH: DWORD = 2;\nconst DLL_THREAD_DETACH: DWORD = 3;\nconst DLL_PROCESS_DETACH: DWORD = 0;\n\nextern \"user32\" fn MessageBoxA(hWnd: ?HWND, lpText: LPCSTR, lpCaption: LPCSTR, uType: UINT) callconv(WINAPI) i32;\n\npub export fn _DllMainCRTStartup(hinstDLL: HINSTANCE, fdwReason: DWORD, lpReserved: LPVOID) BOOL {\n    _ = lpReserved;\n    _ = hinstDLL;\n    switch (fdwReason) {\n        DLL_PROCESS_ATTACH =\u003e {\n            _ = MessageBoxA(null, \"Hello World!\", \"Zig\", 0);\n        },\n        DLL_THREAD_ATTACH =\u003e {},\n        DLL_THREAD_DETACH =\u003e {},\n        DLL_PROCESS_DETACH =\u003e {},\n        else =\u003e {},\n    }\n    return 1;\n}\n```\n\nTo compile:\n\n```\n# To make a static library\nzig build-lib test.zig -target x86_64-windows\n# To make a shared library\nzig build-lib test.zig -dynamic -target x86_64-windows\n```\n\n## Optimizing executables for size\n\nTaken from the [Build Mode](https://ziglang.org/documentation/master/#Build-Mode) section of the Zig documentation.\n\nFor the biggest size decrease, use the following flags: `-O ReleaseSmall -fstrip -fsingle-threaded`\n\n## Opsec Considerations\n\nMost samples are compiled in this mode: `zig build-exe src.zig -O ReleaseSmall -fstrip -fsingle-threaded -target x86_64-windows`\n\nAside from a few specific NT functions found in the import table, I have not been able to find any other significant features that would indicate that they were coded in Zig.\n\n![image](https://user-images.githubusercontent.com/4407382/100207487-9a6b4380-2f42-11eb-8b43-0bbf8d619be7.png)\n\n\n## Converting C code to Zig\n\nZig offers the functionality to convert C code to Zig code through the command `zig translate-c`. 
I haven't personally experimented with this feature yet.\n\n## Language Bridges\n\nRegarding Python modules or Java JNI integration, I haven't had the opportunity to test these aspects yet.\n\nReferences:\n\n- https://github.com/kristoff-it/zig-cuckoofilter/\n- https://github.com/ziglang/zig/issues/5795\n- https://lists.sr.ht/~andrewrk/ziglang/%20%3CCACZYt3T8jACL+3Z_NMW8yYvcJ+5oyP%3Dh1s2HHdDL_VxYQH5rzQ%40mail.gmail.com%3E\n\n## Debugging\n\nYou can utilize the functions within the `std.debug` namespace to display the call stack. Currently, there is limited IDE support for debugging Zig. If you're using VSCode, you can try the `webfreak.debug` extension. For more information on debugging Zig with VSCode, you can refer to the following links:\n- [Reddit post: Debugging Zig in VSCode](https://www.reddit.com/r/Zig/comments/cl0x6k/debugging_zig_in_vscode/)\n- [Dev.to article: Debugging Zig with VS Code](https://dev.to/watzon/debugging-zig-with-vs-code-44ca)\n\nThese resources should provide you with additional details on setting up and using the webfreak.debug extension for Zig debugging in VSCode.\n\n## Setting up a dev environment\n\n[VSCode](https://code.visualstudio.com/) provides an official Zig extension `ziglang.vscode-zig` to enhance Zig language support, offering more comprehensive functionality compared to earlier extensions such as `tiehuis.zig` and `lorenzopirro.zig-snippets`.\n\nThe link to the [Zig Tools](https://ziglang.org/learn/tools/) page on the Zig website will likely provide further information on various tools and resources available for Zig development, including debugging tools and extensions.\n\n## Interesting Zig libraries\n\n- https://github.com/GoNZooo/zig-win32\n- https://github.com/Vexu/routez\n- https://github.com/ducdetronquito/requestz\n- https://github.com/ducdetronquito/h11\n- https://github.com/ducdetronquito/http\n- https://github.com/MasterQ32/zig-network\n- https://github.com/lithdew/pike\n- https://github.com/Hejsil/zig-clap\n- 
https://github.com/Vexu/bog\n- https://github.com/tiehuis/zig-regex\n- https://github.com/alexnask/interface.zig\n- https://github.com/marler8997/zig-os-windows\n- https://github.com/nrdmn/awesome-zig\n\n## Zig for implant dev links\n\n- https://github.com/Sobeston/injector\n\n## Comparison of Zig and Nim\n\n|    \t | Zig\t |  Nim  |\n|  ----  | ----  | ----  |\n| Syntax Styles  | Rust-like | Python-like |\n| Backend  | LLVM or Self-hosted | C Compiler or Self-Hosted |\n| Code Generate  | Support in future | Supported |\n| Standard Library  | General | Numerous |\n| Memory Management  | Manual | Multi-paradigm GC |\n| FFI | *Directly* | Support |\n| Translate C to *ThisLang*  | Official | Third-Party |\n| Package Manager  | Official Package Manager as of Zig 0.11 | Nimble |\n| Cross Compile | Convenient | Convenient |\n| Learning Curve | Intermediate | Easy |\n| Community Resources | Growing | Rich |\n\n## Summary\n\nIn conclusion, I am not currently inclined to choose Zig as my primary language for offensive purposes. I've also explored alternative languages like [Vlang](https://vlang.io/), but I haven't initiated practical experimentation with them yet. Comparatively, Nim offers superior community resources and more comprehensible documentation than Zig. While attempting to achieve similar outcomes, deciphering Zig's documentation proved to be a challenging endeavor. The manual memory management aspect may not be particularly user-friendly for those without professional development experience. It's possible that as Zig evolves and stabilizes in the future, I might be more inclined to employ it for specific development tasks within penetration testing.\n\n*P.S.: I am not a professional developer; this project is presented solely from the viewpoint of a penetration testing engineer. The opinions expressed above are my own. 
Please do correct me if you find any errors.*\n\n## Contributors \n\n\u003ca href=\"https://github.com/darkr4y/OffensiveZig/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=darkr4y/OffensiveZig\" /\u003e\n\u003c/a\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdarkr4y%2Foffensivezig","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdarkr4y%2Foffensivezig","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdarkr4y%2Foffensivezig/lists"}