Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
☆46Aug 13, 2025Updated 6 months ago
Alternatives and similar repositories for havoc-obfuscator
Users that are interested in havoc-obfuscator are comparing it to the libraries listed below
Sorting:
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆212Sep 20, 2025Updated 5 months ago
- Generate an Alphabetical Polymorphic Shellcode☆138Aug 19, 2025Updated 6 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 4 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- A set of tools and resources for analysis of Havoc C2☆26Feb 27, 2024Updated 2 years ago
- ☆41Feb 20, 2025Updated last year
- BlackMail is a tool for creating and sending spoof mail.☆37Nov 16, 2023Updated 2 years ago
- ☆26Aug 11, 2025Updated 6 months ago
- ☆36Jul 1, 2025Updated 8 months ago
- This tool exploits Golden DMSA attack against delegated Managed Service Accounts.☆90Jul 15, 2025Updated 7 months ago
- The PoC for CVE-2025-70795 / CVE-2026-0828 and its update☆40Feb 16, 2026Updated 2 weeks ago
- Location of some Active Directory lab scripts I have created and find useful☆113Feb 2, 2026Updated last month
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Malware traffic obfuscation library☆37Jul 24, 2025Updated 7 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆89Jan 2, 2026Updated 2 months ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆62May 16, 2025Updated 9 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆64Apr 2, 2025Updated 11 months ago
- Generate Proxy DLLs in Rust☆48Updated this week
- Telegram base free Rat☆12Apr 26, 2025Updated 10 months ago
- Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes…☆20Feb 13, 2026Updated 3 weeks ago
- This repo contains useful scripts that AI created for me which I would have been too lazy for☆93Feb 22, 2026Updated last week
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Dec 20, 2023Updated 2 years ago
- Stage 0☆169Dec 18, 2024Updated last year
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations.☆12Jun 3, 2025Updated 9 months ago
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 8 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 7 months ago
- ☆14Sep 26, 2023Updated 2 years ago
- 免杀木马样本☆103Oct 11, 2025Updated 4 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆211Aug 21, 2025Updated 6 months ago
- Burpsuite Extension for Jsmon☆22Feb 5, 2026Updated last month
- ShadowDropper is a utility for covertly delivering and executing payloads on a target system.☆27Jul 4, 2025Updated 8 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 7 months ago
- An offensive toolkit for restless guests #DEFCON33☆53Aug 11, 2025Updated 6 months ago
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Aug 16, 2024Updated last year
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆167Sep 22, 2025Updated 5 months ago
- Deserialization payload generator for a variety of .NET formatters☆178Dec 2, 2025Updated 3 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆171Sep 3, 2025Updated 6 months ago