316 skills found · Page 1 of 11
BishopFox / SliverAdversary Emulation Framework
hasherezade / Pe SieveScans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
hasherezade / Hollows HunterScans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).
last-byte / PersistenceSniperPowershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
mandatoryprogrammer / CursedChromeChrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
Cracked5pider / StardustA modern 32/64-bit position independent implant template
mgeeky / ProtectMyToolingMulti-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it with your implant, it does a lot of sneaky things and spits out obfuscated executable.
WithSecureLabs / Doublepulsar Detection ScriptA python2 script for sweeping a network to find windows systems compromised with the DOUBLEPULSAR implant.
chvancooten / NimPlantA light-weight first-stage C2 implant written in Nim (and Rust).
facebookarchive / WEASELDNS covert channel implant for Red Teams.
spellshift / RealmRealm is a cross platform Red Team engagement platform with a focus on automation and reliability.
postrequest / Linklink is a command and control framework written in rust
nettitude / PoshC2 OldPowershell C2 Server and Implants
praetorian-inc / ChromeAloneA tool to transform Chromium browsers into a C2 Implant
Coalfire-Research / SlackorA Golang implant that uses Slack as a command and control server
hoodoer / JS TapJavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.
0xTriboulet / RevenantRevenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
pumpbin / Pumpbin🎃 PumpBin is an Implant Generation Platform.
silentbreaksec / ThrowbackHTTP/S Beaconing Implant
The-Z-Labs / Bof Launcherbof-launcher - a library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Ready to use in C/Zig/Rust/Go/C++ applications.
