HavocFramework / TalonLinks
(Demo) 3rd party agent for Havoc
☆144Updated 2 years ago
Alternatives and similar repositories for Talon
Users that are interested in Talon are comparing it to the libraries listed below
Sorting:
- Patching AmsiOpenSession by forcing an error branching☆148Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Updated 3 years ago
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆123Updated 3 years ago
- ☆193Updated last year
- Nim Payload Generation☆62Updated last year
- ☆248Updated 2 years ago
- Your syscall factory☆124Updated last week
- POC for frustrating/defeating Malware Analysts☆156Updated 3 years ago
- ☆165Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆195Updated 2 years ago
- ☆170Updated last year
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…☆142Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145Updated last year
- A BOF to automate common persistence tasks for red teamers☆289Updated 2 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆150Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆116Updated last year
- C# havoc implant☆101Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆123Updated 2 years ago
- ☆209Updated 5 months ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆85Updated last year
- ☆222Updated last year
- A fake AMSI Provider which can be used for persistence.☆152Updated 4 years ago
- Find .net assemblies locally☆125Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆157Updated last year
- WIP shellcode loader in nim with EDR evasion techniques☆220Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258Updated 2 years ago
- Hookers are cooler than patches.☆170Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆109Updated 2 years ago
- KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…☆223Updated 2 years ago
- Weaponized HellsGate/SigFlip☆203Updated 2 years ago