Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration
☆80Mar 8, 2026Updated last week
Alternatives and similar repositories for Adaptix-StealthPalace
Users that are interested in Adaptix-StealthPalace are comparing it to the libraries listed below
Sorting:
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 10 months ago
- ☆16Apr 21, 2023Updated 2 years ago
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆33Sep 15, 2025Updated 6 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.☆23Feb 26, 2026Updated 2 weeks ago
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.☆132Dec 8, 2025Updated 3 months ago
- ☆49Dec 21, 2025Updated 2 months ago
- Two WinForms GUI tools for enumerating, searching, and exfiltrating data from M365 environments using application-level OAuth tokens☆140Mar 4, 2026Updated 2 weeks ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- AV/EDR killer using BYOVD technique☆44Sep 27, 2024Updated last year
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆14Oct 31, 2023Updated 2 years ago
- Awesome MalDev Links☆46Mar 2, 2026Updated 2 weeks ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe…☆34Mar 5, 2025Updated last year
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆185Feb 11, 2026Updated last month
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated last year
- Introducing the Ransomware Builder – an educational tool with a sleek, modern GUI that makes it easy for anyone to create their own ranso…☆18Aug 4, 2024Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆78Dec 23, 2023Updated 2 years ago
- Lurker is a cross-platform, companion implant to Cobalt Strike built with Go☆33Updated this week
- Криптор на шелл-кодах☆11May 3, 2020Updated 5 years ago
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- Thats it! An Open-Source Windows UEFI Rootkit☆29Jul 19, 2025Updated 7 months ago
- string encryption in Nim☆19Jun 15, 2024Updated last year
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆125Aug 19, 2025Updated 6 months ago
- Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity☆34Apr 26, 2024Updated last year
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆15Nov 16, 2023Updated 2 years ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific…☆112Feb 21, 2026Updated 3 weeks ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated last month
- BypassCredGuard CS BOF☆51Jan 23, 2025Updated last year
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak.☆28May 8, 2025Updated 10 months ago
- Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.☆36Apr 16, 2024Updated last year
- Six cases demonstrating methods of optimizing GetProcAddress☆19Jan 3, 2022Updated 4 years ago