Menu
Article cloak

Introducing Cloak

drngd0tter

drngd0tter

• 1 min read

Summary

Inspired by the likes of EvadeX from PhantomSec and OST from Outflank, Cloak aims to provide a solution for generation of Secure, Polymorphic, and Evasive payloads. Cloak allows for Red Teams to self-host a platform that supports generation through both a Web UI and an easy-to-use REST API. At the time of this blog's release, Cloak is currently in beta version v0.5.1. Follow along on Github or Discord for the latest updates and Features, as well as new projects HackLike is working on.

Cloak Features

  • Self-host with Docker or Standalone
  • Convenient Web UI
  • Easy-to-use REST API
  • Payload Generation History

Input Formats

  • Shellcode
  • Portable Executable - PE (Planned)
  • Dynamic Link Library - DLL (Planned)

Output Formats

  • EXE
  • DLL
  • More Planned in Future Releases...

Execution Options

  • Fibers
  • CreateThreadPoolWait
  • Injection
    • Local Thread
    • Remote Thread (Planned)
    • Local Thread Hijack (CreateThread)
    • Local Thread Hijack (EnumThread)
    • Remote Thread Hijack (Planned)
    • APC
    • EarlyBird APC (Planned)
    • EarlyCascade (Planned)

Evasion

  • Direct Syscalls (Planned)
  • Indirect Syscalls (Planned)
  • Callstack Spoofing (Planned)
  • Chunking / Drip Allocation (Planned)
  • Payload Encryption / Encoding
    • AES
    • RC4
    • Base64
    • Base32
  • AMSI Patching - Hardware Break Points (Planned)
  • ETW Patching - Hardware Break Points (Planned)
  • DLL Unhooking (Planned)
  • IAT Camouflage (Planned)
  • Compile Time API Hashing
  • String Hashing (Planned)
  • Anti-Debugging
    • Debugger Detection
    • Self-Deletion (Planned)
  • Anti-Sandbox
    • Sandbox Detection
    • Execution Delay
      • WaitForSingleObject
      • API Hammering (Planned)
  • File Bloating (Planned)
  • Entropy Reduction (Planned)
  • Custom Binary Metadata
  • Custom Binary Icon
  • Modify Compile DateTime

GuardRails

  • Hostname
  • Domain Joined
  • Domain name (Planned)
  • Subnet (Planned)

Using Cloak

Using Cloak is as simple as:

  1. Uploading your Shellcode, PE, or DLL
  2. Customizing your Payload
  3. Generate!

Support

At HackLike, we believe in Open-Source Software and all of its benefits. However, development is expensive. If you want to support HackLike, consider sponsoring us on Github. You get early access to new projects, early access to new updates on existing projects, and more! As always, thank you for your support!

Share