HackLike-co/Cloak

Cloak

Generate Secure Payloads

Quick Start

git clone https://github.com/HackLike-co/Cloak.git
cd Cloak
go build .
./cloak.exe

Note: The binary must be run from within the "Cloak" directory to function properly.

Features

Input Formats

  • Shellcode
  • PE
  • DLL

Output Formats

  • EXE
  • DLL

Execution Options

  • Fibers
  • CreateThreadPoolWait
  • Injection
    • Local Thread
    • Remote Thread
    • Local Thread Hijack (CreateThread)
    • Local Thread Hijack (EnumThread)
    • Remote Thread Hijack
    • APC
    • EarlyBird APC
    • EarlyCascade

Evasion

  • Payload Encryption/Encoding
  • AMSI Patching
  • ETW Patching
  • DLL Unhooking
  • IAT Camouflage
  • API Hashing (Compile Time)
  • Anti-Debug
    • Debugger Detection
    • Self-Delete
  • Anti-VM
    • VM Detection
    • Execution Delay
    • API Hammering
  • File Bloating
  • Custom Binary Metadata
  • Custom Binary Icon
  • Modify Creation Date/Time

Guardrails

  • Hostname
  • Domain Joined
  • Domain Name
  • Subnet

Known Issues

  • SetThreadpoolWait doesn't play nicely with API Hashing; need to figure out why

References

This project was inspired by the amazing EvadeX from PhantomSec and OST from Outflank. If you and your team have the funds, I highly recommend them. This is just a shitty knock-off because it seemed like a fun project.

If you want to learn more, I recommend ired.team and/or Maldev Academy.