https://github.com/harryhaxor/zigstrike

ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions
https://github.com/harryhaxor/zigstrike

2025 binder bugbounty crypter cybersecurity evasion evasion-techniques hacking hacking-tool hacktoberfest hacktoberfest-accepted malware newtools obfuscator ransomware shellcode tools windows

Last synced: 3 months ago
JSON representation

ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions

• Host: GitHub
• URL: https://github.com/harryhaxor/zigstrike
• Owner: harryhaxor
• Created: 2025-07-01T18:22:55.000Z (3 months ago)
• Default Branch: main
• Last Pushed: 2025-07-01T18:35:53.000Z (3 months ago)
• Last Synced: 2025-07-01T19:29:39.093Z (3 months ago)
• Topics: 2025, binder, bugbounty, crypter, cybersecurity, evasion, evasion-techniques, hacking, hacking-tool, hacktoberfest, hacktoberfest-accepted, malware, newtools, obfuscator, ransomware, shellcode, tools, windows
• Homepage:
• Size: 315 KB
• Stars: 0
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# ZigStrike

ZigStrike is a robust shellcode loader developed in Zig, offering a variety of injection techniques and anti-sandbox features. It leverages compile-time capabilities for efficient shellcode allocation, demonstrating proven success in bypassing advanced security solutions



ZigStrike includes a custom payload builder, allowing users to easily select and construct payloads via a web application built with Python.

Features ( release 2.0 )

    Multiple Injection Techniques:

        Local Thread

        Local Mapping

        Remote Mapping

        Remote Thread hijacking

        EarlyCascade injection

    Anti-Sandbox Protection:

        TPM Presence Check.

        Domain Join Check.

        Run-Time protection.

    Output Formats:

        XLL (Excel Add-in)

        DLL

        CPL

    Advanced Features:

        Shellcode advanced allocation.

        Payload Runtime protection; preventing emulation and sandbox dynamic anaylsis.

        Bypass common detection rules.

    Front-end enhancement:

        Added new page to view generated payloads.

        Detailed information for each created payload.

        Fix flask issue to support uploading large shellcode.

Prerequisites

    Zig 0.14.0

    Ubuntu / Debian

    Python 3.x (for the web interface)

    Flask