Generate Secure, Polymorphic, Evasive Payloads
The easiest way to run Cloak is with Docker. If you wish to install it locally, check the wiki for installation instructions.
```bash
git clone https://github.com/HackLike-co/Cloak.git
cd Cloak
sudo docker build . --tag cloak
sudo docker run --publish 8080:8080 cloak
```
You can then navigate to http://127.0.0.1:8080/cloak to start generating payloads!
- Convenient Web UI
- View Generated Payloads
- Simple to use REST API (Documentation Coming Soon...)
- Shellcode
- PE
- DLL
- EXE
- DLL
- Fibers
- CreateThreadPoolWait
- Injection
- Local Thread
- Remote Thread*
- Local Thread Hijack (CreateThread)
- Local Thread Hijack (EnumThread)
- Remote Thread Hijack*
- APC
- EarlyBird APC*
- EarlyCascade
- Direct Syscalls*
- Indirect Syscalls*
- Callstack Spoofing
- Chunking
- Payload Encryption/Encoding
- AES
- RC4
- Base64
- Base32
- AMSI Patching* (HWBP)
- ETW Patching* (HWBP)
- DLL Unhooking*
- IAT Camouflage*
- API Hashing (Compile Time)
- String Hashing*
- Anti-Debug*
- Debugger Detection (Kinda)
- Self-Delete
- Anti-VM
- VM Detection
- TPM Check
- CPU Count
- RAM
- Resolution
- Execution Delay
- API Hammering
- WaitForSingleObject
- VM Detection
- File Bloating*
- Entropy Reduction*
- Custom Binary Metadata
- Custom Binary Icon
- Modify Creation Date/Time
- Hostname
- Domain Joined*
- Domain Name*
- Subnet*
*v1.0 Goals
- SetThreadpoolWait doesn't play nicely for API Hashing, need to figure out why
- Checking the amount of memory acts funky in if statement
This project was inspired by the amazing EvadeX from PhantomSec and OST from Outflank. If you and your team have the funds, I highly recommend them.
If you want to learn more, I recommend ired.team, Maldev Academy or White Knight Labs.