Cobalt Strike UDC2 implementation that provides an Slack C2 channel
☆63Jan 5, 2026Updated 2 months ago
Alternatives and similar repositories for slack-udc2
Users that are interested in slack-udc2 are comparing it to the libraries listed below
Sorting:
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆42Aug 6, 2024Updated last year
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆86Oct 20, 2025Updated 4 months ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 3 months ago
- A cmake template for crystal palace☆39Dec 20, 2025Updated 2 months ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- Prevent in-process process termination by patching exit APIs☆63Nov 9, 2025Updated 3 months ago
- A lightweight test harness designed to speed up shellcode development by providing an execution environment with integrated crash diagnos…☆43Jan 15, 2026Updated last month
- ☆42Dec 24, 2025Updated 2 months ago
- Easy to use, open-source infrastructure management platform, crafted specifically for red team engagements.☆109Feb 16, 2026Updated 2 weeks ago
- adws enumeration bof☆167Feb 16, 2026Updated 2 weeks ago
- A Windows tool that converts LDIF files to BloodHound CE☆27Dec 20, 2025Updated 2 months ago
- ☆36Jul 1, 2025Updated 8 months ago
- Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.☆36Apr 16, 2024Updated last year
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 7 months ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆115Jan 29, 2026Updated last month
- ☆26Aug 5, 2025Updated 7 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Feb 24, 2026Updated last week
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- A BOF that's a BOF Loader and more☆199Jan 17, 2026Updated last month
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- BOF template with boflink and mutator kit support☆49Jan 8, 2026Updated last month
- ☆39Nov 25, 2025Updated 3 months ago
- poc for cve-2025-53772☆46Dec 10, 2025Updated 2 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆89Jan 2, 2026Updated 2 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆65Jan 13, 2026Updated last month
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques☆95Dec 28, 2025Updated 2 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆186Jan 17, 2026Updated last month
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆63Dec 25, 2025Updated 2 months ago
- ☆48Nov 26, 2025Updated 3 months ago
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated last month
- doesnt work and wont work on it anymore☆10Jul 8, 2024Updated last year
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- List web account manager (WAM) accounts added to the current profile☆22Dec 11, 2025Updated 2 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆57Oct 29, 2025Updated 4 months ago
- Red Teaming Tradecraft☆30Sep 28, 2022Updated 3 years ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago