C2 Infrastructure Automation
☆119Jun 21, 2025Updated 8 months ago
Alternatives and similar repositories for C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
Users that are interested in C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE are comparing it to the libraries listed below
Sorting:
- Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.☆15Jul 17, 2025Updated 7 months ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆323May 17, 2024Updated last year
- ApexLdr is a DLL Payload Loader written in C☆118Jul 17, 2024Updated last year
- ☆138Nov 17, 2025Updated 3 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform☆18Apr 17, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Various AD tools needed for penetration testing in one place.☆23Jul 13, 2023Updated 2 years ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33May 30, 2024Updated last year
- Evasive shellcode loader☆401Oct 17, 2024Updated last year
- Open Source C&C Specification☆277Feb 28, 2025Updated last year
- ☆234Oct 8, 2024Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 10 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆285Jun 8, 2023Updated 2 years ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- A C# project that builds a Web Application which redirects all HTTPS☆26Feb 11, 2025Updated last year
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆592Jun 12, 2024Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆187Oct 29, 2025Updated 4 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆41May 31, 2024Updated last year
- Tools for analyzing EDR agents☆278Jun 10, 2024Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆779Jan 26, 2026Updated last month
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆443Jul 8, 2024Updated last year
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆203Mar 26, 2025Updated 11 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆203Jun 23, 2023Updated 2 years ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆283Jun 15, 2024Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- A collection of tools using OCR to extract potential usernames from RDP screenshots.☆30Apr 15, 2024Updated last year
- Payload Generation Workflow☆40Jul 18, 2025Updated 7 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆194Feb 6, 2025Updated last year
- Python implementation of GhostPack's Seatbelt situational awareness tool☆271Nov 12, 2024Updated last year
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- ☆42Feb 18, 2025Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆341Oct 7, 2024Updated last year
- Simulate the behavior of AV/EDR for malware development training.☆564Feb 15, 2024Updated 2 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- BOF with Synthetic Stackframe☆230Oct 30, 2025Updated 4 months ago