Stars
A post exploitation framework designed to operate covertly on heavily monitored environments
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
SilentButDeadly is a network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version fo…
A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
Replace the .txt section of the current loaded modules from \KnownDlls\
RunPE implementation with multiple evasive techniques
The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
NUL0x4C / libsodium
Forked from jedisct1/libsodium
A modern, portable, easy to use crypto library.
gatariee / ScreenshotBOF
Forked from CodeXTF2/ScreenshotBOF
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.