- Joined
- Jan 8, 2019
- Messages
- 56,623
- Solutions
- 2
- Reputation
- 32
- Reaction score
- 100,455
- Points
- 2,313
- Credits
- 32,750
6 Years of Service
76%
Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities.
Initial Project Goals
Learn how Reflective Loader works.
Write a Reflective Loader in Assembly.
Compatible with Cobalt Strike.
Cross compile from macOS/Linux.
Implement Inline-Assembly into a C project.
Future Project Goals
Use the initial project as a template for more advanced evasion techniques leveraging the flexibility of Assembly.
Implement Cobalt Strike options such as no RWX, stompPE, module stomping, changing the MZ header, etc.
Write a decent Aggressor script.
Support x86.
Have different versions of reflective loader to choose from.
Implement HellsGate/HalosGate for the initial calls that reflective loader uses (pNtFlushInstructionCache, VirtualAlloc, GetProcAddress, LoadLibraryA, etc).
Optimize the assembly code.
Hash/obfuscate strings.
Some kind of template language overlay that can modify/randomize the registers/methods.