Custom loader that utilises MalDevs Academy implementation of process injection With HellsGate. Has been further modified for stealth and evasion. TheSilencer is designed to bypass modern antivirus and EDR solutions while maintaining a low profile during execution. Its a constant cat and mouse game with EDR solutions so i will keep this version open source since im working on a more improved version with more advanced capability and obfuscation
update: this will be coming backmuch more improved in a workflow
| Antivirus Solution | Status |
|---|---|
| Windows Defender | ✅ ACTIVE |
| EDR Solution | Status |
|---|---|
| SOPHOS EDR/XDR | ✅ TESTED & CAPABLE |
- DLL unhooking via KnownDlls
- API hashing/resolution
- Hell's Gate/Hall syscalls
- Anti-debugging mechanisms
- Jitter sleep routines
- Memory cleanup procedures
- AES encryption
- Resource embedding
- Clean injection
- Secure decryption
- Network simulation
- Debug-only UI
- Memory management
- String sanitization
- Boot-time execution
- C2 payload delivery
- Registry persistence
- Error handling
- Network-themed API obfuscation
- Resource handling & injection
- DLL unhooking implementation
- Registry persistence system
- Entropy-based timing
- ETW bypass mechanism with jittering
- Chunked memory operations
- Debug progress UI
/Loaderdirectory
- Payload encryption system
- AES implementation
- Resource embedding tools
/PayloadEncrypterdirectory
- API hash generation
- Function name obfuscation
- API hiding support
/HashCalculatordirectory
- Open
TheSilencer.sln - Select Release/x64 config
- Build full solution
- Visual Studio 2019+
- Windows SDK 10.0
- MASM build tools
- Loader ← PayloadEncrypter
- PayloadEncrypter (Standalone)
- HashCalculator (Standalone)
- Generate API hashes (HashCalculator)
- Prepare encrypted payload (PayloadEncrypter)
- Execute payload (Loader)
TheSilencer/ ├── Loader/ # Core loader ├── PayloadEncrypter/ # Encryption tools └── HashCalculator/ # Hash utilities