Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration
☆54Feb 15, 2026Updated last week
Alternatives and similar repositories for Adaptix-StealthPalace
Users that are interested in Adaptix-StealthPalace are comparing it to the libraries listed below
Sorting:
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated 11 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 9 months ago
- 🛠️ Explore custom C2 TTPs with Aether-C2-Framework, focusing on lightweight Rust implants and stealthy transport stacks to reduce forens…☆18Updated this week
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆33Sep 15, 2025Updated 5 months ago
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆152Feb 11, 2026Updated 2 weeks ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.☆23Dec 31, 2025Updated last month
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.☆129Dec 8, 2025Updated 2 months ago
- ☆48Dec 21, 2025Updated 2 months ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Introducing the Ransomware Builder – an educational tool with a sleek, modern GUI that makes it easy for anyone to create their own ranso…☆18Aug 4, 2024Updated last year
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated 11 months ago
- Thats it! An Open-Source Windows UEFI Rootkit☆28Jul 19, 2025Updated 7 months ago
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆113Aug 19, 2025Updated 6 months ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific…☆100Feb 14, 2026Updated last week
- string encryption in Nim☆20Jun 15, 2024Updated last year
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity☆34Apr 26, 2024Updated last year
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆98Dec 22, 2025Updated 2 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated 2 weeks ago
- Six cases demonstrating methods of optimizing GetProcAddress☆18Jan 3, 2022Updated 4 years ago
- Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.☆28May 8, 2025Updated 9 months ago
- Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.☆36Apr 16, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated last month
- ☆18Jan 14, 2026Updated last month
- Attacking the cleanup_module function of a kernel module☆57Jun 30, 2025Updated 7 months ago
- Attack chain emulator. Write recipes for initial access easily☆23Feb 26, 2025Updated last year
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆51Apr 22, 2024Updated last year
- Red Team Collaboration Infrastructure☆98Apr 24, 2025Updated 10 months ago
- Cross Compatible Command and Control☆47Dec 18, 2025Updated 2 months ago
- ☆23May 28, 2021Updated 4 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and…☆20Aug 7, 2024Updated last year
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year