CrystalLoader

Basic Shellcode Loader using Crystal

Offensive Crystal collection repo based on https://crystal-lang.org - WiP

CrystalLoader.cr

Basic Shellcode Loader using Crystal as a PoC.
Bypasses MDE and Elastic EDR at time of writing (14/12/2024). Elastic still flags msfvenom shellcode execution after it has run, based on the current stack; improvements and variants are WiP.

Compiling

crystal build CrystalLoader.cr --static --release

CrystalLoader.cr detections (14/12/2024)

MDE timeline:

Elastic detection:

Synced at

Fri, 09 May 2025 21:17:48 GMT