X-Pack: Next Generation EDR Evasion

Description

X-Pack is an advanced evasive packer/loader designed to bypass common AV/EDR vendors. It encrypts user-provided malicious payloads like shellcode, C# assemblies, or portable executables (PEs) and decrypts them at runtime using a generated non-malicious payload.

This process, known as packing or crypting, is tailored for experienced Red Team Operators and Penetration Testers, offering a wide array of options for custom bypass techniques and payload loading behavior.

Features

Each payload looks different, making signature creation more difficult.
Userland hooks are bypassed by default for each generated payload.
The encryption key is never fully embedded in the final payload but always retrieved at runtime.
This is good for bypassing emulators or automatic unpacking engines.
Encrypted payloads can also be decoupled from the new binary to be loaded remotely at runtime.
Multiple Anti-Debug techniques are applied to each payload by default.
Environmental Keying and Anti-Sandbox options included.
No cloud service. The software is delivered to the customer as a closed-source solution.

Obfuscation Customizations:

File Bloating
Code Signing
Certificate Stealing
Executable Metadata (Icon, Filename, Copyright, etc.)
Binary Creation and Kill Date
Execution Delay

Output Formats:

Unsigned executables (although not recommended to use against some vendors)
Dynamic Linked Libraries (DLLs)
Excel-Addin (XLL)
Control Panel Files (CPL)
PowerShell scripts
More to come...

Pricing

2500€ per user per year

Each license includes dedicated support via Discord. File processing times range from 30 minutes to 2 hours depending on the selected evasion methods.

Vetting Information

This product is dual-use and cannot be sold to anyone. It's only sold to vetted companies that provide Red Teaming or Penetration Testing as a service.
Once you contact us, the vetting process will begin. Any contact from a non-company email account will be completely ignored.
Having a vetting code will help us validate your identity (restricted to 5 users per year).

Service Instruction

Each license will have a dedicated assistant over Discord.
Each file might take a minimum of 30 minutes to 2 hours for any evasion (depending on the methods).

FAQ

X-Pack's closed-source nature and unique payload generation ensure minimal detection compared to other tools.

No. We focus solely on providing tools for offensive security teams.

We conduct thorough vetting and distribute licenses only to verified entities. Misuse leads to immediate suspension of service.

Contact us with a business email or vetting code to start the verification process.

Contact Us

Reach out to us for inquiries or to begin the vetting process.

Inquiry / Contact: [email protected]

If you're interested in buying this product, please contact us via E-Mail.