hsjafari/README.md

cortex

Red Team Operator & Python toolsmith. I build social tooling, a C2 server, and recon automation that doesn’t wake you up at 03:00 AM.


What I build

  • C2 server & operator tools: tasking, op logs, opsec guardrails, repeatable flows.
  • Loaders & implants: staged/stageless, selective telemetry, quiet comms.
  • Tradecraft automation: recon → initial access → privilege → persistence → exfil.
  • Research: EDR/telemetry evasion, behavioral shaping, sandbox dodging.
  • Dropper
  • Port scanner
  • Social tools

Focus areas

red team tools · social tools · recon tools · adversary emulation · OPSEC-first engineering · EDR bypass R&D · Windows internals · network tradecraft · operator ergonomics

Currently

  • Hardening a Python C2 core (transport abstractions + opsec checks).

Ethos

Only for authorized engagements and research. If you’re not the owner or don’t have written permission, don’t touch it.


Selected repos

Pin your top projects so they surface here.

  • 🔴 cortex-c2 — operator-first Python C2 with transport plugins.
  • 🧬 cortex-win_sys_mgmt — Unified Windows System‑Management Framework.
  • evilginx-websocket-proxy — evilginx + websocket reverse proxy.

Popular repositories

  1. win_sys_mgmt Public

    Unified Windows System‑Management Framework

    Python 3

  2. C2 Public

    c2 server using Django

    Python 3

  3. evilginx-websocket-proxy Public

    Forked from kgretzky/evilginx2

    Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

    Go 3

  4. zombi-scan Public

    port scan using rabbitmq

    Python 3

  5. hsjafari Public

    2

  6. websocket-reverse-proxy Public

    Python 2