Stars
A cross-platform C++ framework for building Windows shellcode
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
Open Source Implementation of Cobalt Strike's Malleable C2
Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan in-memory .NET assembly loads. This tool unhooks that functi…
BOF to run PE in Cobalt Strike Beacon without console creation
IP Rotation from different providers - Like FireProx but for GCP, Azure, Alibaba and CloudFlare
Your template-based BloodHound terminal companion tool
A tool to transform Chromium browsers into a C2 Implant
C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral movements, pivot and more.
🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications
Reaping treasures from strings in remote processes memory
COM ViewLogger — new malware keylogging technique
.NET assembly loader with patchless AMSI and ETW bypass
PXEThief is a set of tooling that can extract passwords from the Operating System Deployment functionality in Microsoft Endpoint Configuration Manager
Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.
Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domain joined machines
A set of programs for analyzing common vulnerabilities in COM
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io
The recursive internet scanner for hackers. 🧡