cloak

◈ All processing runs locally in your browser — no files leave your machine. Commands shown below can also be run directly with cloak.py. ADS features are CLI-only (Windows/NTFS).

target file

File to inspect *

⬡ drop or click to select

encoding — encode the file after inspecting (–e / –d flags)

Technique optional

XOR key hex or decimal

options

Show Hashes -H

Quiet -q

generated command

Python

python cloak.py info ...

input file

File *

⬡ drop or click to select

Output filename -o

entropy — null-byte interleaving, no marker embedded

Target entropy --lower-entropy

Strip padding --strip-padding

Lower: inserts null bytes at intervals throughout file — no marker written.
Strip: enter the interval shown after lowering to recover the original.
< 6.5 looks benign · 6.5–7.2 suspicious · > 7.2 likely flagged

encoding / decoding — –e encode · –d decode (mutually exclusive)

Technique optional

XOR key hex or decimal

rename & spoof

New extension replaces all –n

Add extension appends –a

Spoof Header –x

Show Hashes –H

Quiet –q

generated command

Python

python cloak.py util ...

view — –-list to enumerate all LOLBins

List all LOLBins --list

lolbin — select a living-off-the-land binary --lolbin NAME

payload

Local file path --lolbin-file

Remote URL --lolbin-url

Extra arg --lolbin-arg · DLL export / offset

Save commands to file -o

generated commands

Select a LOLBin above to generate commands.

cli equivalent

python cloak.py generate ...

output running