Go shellcode LoaDer
This repo is a demo and lacks enough features to bypass AV/EDR. I have written a private framework with more evasion techs, it may be made public in the future
Generate shellcode via CS/MSF first, then use gld to compile wrapped-binary:
./gld shellcode.bin [x64/x86]
ntdll!ZwProtectVirtualMemory
instead of kernelbase!VirtualProtect
(bypass possible hooks) to bypass DEPstring([]byte{...})
), to avoid static memory matchingGlobalMemoryStatusEx
)CreateToolhelp32Snapshot
)IsDebuggerPresent
)