Acucarinho / havoc-obfuscatorView external linksLinks
Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.
☆46Aug 13, 2025Updated 6 months ago
Alternatives and similar repositories for havoc-obfuscator
Users that are interested in havoc-obfuscator are comparing it to the libraries listed below
Sorting:
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆207Sep 20, 2025Updated 4 months ago
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- Generate an Alphabetical Polymorphic Shellcode☆135Aug 19, 2025Updated 5 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 3 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- A set of tools and resources for analysis of Havoc C2☆26Feb 27, 2024Updated last year
- ☆41Feb 20, 2025Updated 11 months ago
- BlackMail is a tool for creating and sending spoof mail.☆37Nov 16, 2023Updated 2 years ago
- ☆36Jul 1, 2025Updated 7 months ago
- ☆26Aug 11, 2025Updated 6 months ago
- This tool exploits Golden DMSA attack against delegated Managed Service Accounts.☆89Jul 15, 2025Updated 6 months ago
- Location of some Active Directory lab scripts I have created and find useful☆108Feb 2, 2026Updated last week
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆31Jan 27, 2025Updated last year
- Generate Proxy DLLs in Rust☆47Sep 2, 2025Updated 5 months ago
- This repo contains useful scripts that AI created for me which I would have been too lazy for☆82Updated this week
- Malware traffic obfuscation library☆39Jul 24, 2025Updated 6 months ago
- Telegram base free Rat☆11Apr 26, 2025Updated 9 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆88Jan 2, 2026Updated last month
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆62May 16, 2025Updated 8 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆63Apr 2, 2025Updated 10 months ago
- Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes…☆19Aug 31, 2025Updated 5 months ago
- ShadowDropper is a utility for covertly delivering and executing payloads on a target system.☆26Jul 4, 2025Updated 7 months ago
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆18Jun 20, 2025Updated 7 months ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Dec 20, 2023Updated 2 years ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆204Aug 21, 2025Updated 5 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- ☆19Dec 31, 2025Updated last month
- 免杀木马样本☆102Oct 11, 2025Updated 4 months ago
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆13Jul 16, 2025Updated 6 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 6 months ago
- Burpsuite Extension for Jsmon☆22Feb 5, 2026Updated last week
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations.☆12Jun 3, 2025Updated 8 months ago
- ☆14Sep 26, 2023Updated 2 years ago
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Aug 16, 2024Updated last year
- An offensive toolkit for restless guests #DEFCON33☆54Aug 11, 2025Updated 6 months ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆165Sep 22, 2025Updated 4 months ago
- Deserialization payload generator for a variety of .NET formatters☆176Dec 2, 2025Updated 2 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 5 months ago