Reverse SSH Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax Dynamic, local, and remote forwarding Native SCP and SFTP implementations for retrieving...
CrossC2 framework – Generator CobaltStrike’s cross-platform beacon CrossC2 framework is a security framework for enterprises and Red Team personnel supports CobaltStrike’s penetration testing of other platforms (Linux / MacOS / …), supports custom modules,...
Spartacus DLL Hijacking Spartacus is utilising the SysInternals Process Monitor and is parsing raw PML log files. You can leave ProcMon running for hours and discover 2nd and 3rd level (ie an app that loads another...
Sliver Sliver is a Command and Control (C2) system made for penetration testers, red teams, and advanced persistent threats. It generates implants (slivers) that can run on virtually every architecture out there, and securely...
Donut is a shellcode generation tool that creates x86 or x64 shellcode payloads from .NET Assemblies. This shellcode may be used to inject the Assembly into arbitrary Windows processes. Given an arbitrary .NET Assembly,...
APCLdr: Payload Loader With Evasion Features Features: no crt functions imported indirect syscalls using HellHall api hashing using the CRC32 hashing algorithm payload encryption using rc4 – payload is saved in .rsrc Payload injection using APC...
Invoke-PSObfuscation Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue to have a varied degree of success, but they have become trivial to...
NimPlant – A light first-stage C2 implant written in Nim and Python Feature Overview Lightweight and configurable implant wrote in the Nim programming language Pretty web GUI that will make you look cool during...
Shoggoth Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode, PE, and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its...
HWSyscalls HWSyscalls is a new method to execute indirect syscalls using 3 main components: Hardware breakpoints and Vectored Exception Handler to control the flow of execution. HalosGate is used to find syscall numbers and...
