iDigitalFlame / XMT
eXtensiable Malware Toolkit: Full Featured Golang C2 Framework with Awesome Features
β96Updated 8 months ago
Alternatives and similar repositories for XMT:
Users that are interested in XMT are comparing it to the libraries listed below
- ππͺ² Malleable C2 profiles parser and assembler written in golangβ65Updated 11 months ago
- Golang C2 Server and Agents using XMT (https://github.com/iDigitalFlame/xmt)β34Updated 5 months ago
- Golang binary for data exfiltration with ICMP protocol (+ ICMP bindshell, http over ICMP tunneling, ...)β146Updated 3 years ago
- Process injection techniques written in Go.β62Updated last year
- Process Injection Techniques with Golangβ77Updated 4 years ago
- This project will guide yout to awareness of injection in almost every window API and process.β25Updated 3 years ago
- WIP shellcode loader in nim with EDR evasion techniquesβ216Updated 3 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog β¦β80Updated last year
- Identifies bad bytes from static analysis with any Anti-Virus scanner.β124Updated 10 months ago
- indirect syscalls for AV/EDR evasion in Go assemblyβ326Updated last year
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRsβ79Updated 2 years ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.β149Updated 2 years ago
- A PoC package for hosting the CLR and executing .NET from Goβ73Updated 9 months ago
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.β112Updated 3 years ago
- Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,.β¦β198Updated 10 months ago
- Reflectively load PEβ103Updated 4 years ago
- Post-exploitation agent for Merlinβ194Updated 3 weeks ago
- β248Updated 2 years ago
- Golang PE injection on windowsβ167Updated 3 years ago
- This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python withouβ¦β184Updated 2 years ago
- (Demo) 3rd party agent for Havocβ139Updated last year
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and laterβ91Updated last year
- AV/EDR evasion via direct system calls.β108Updated last year
- KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this pβ¦β221Updated last year
- Bypass Detection By Randomising ROR13 API Hashesβ138Updated 3 years ago
- A Go implementation of Cobalt Strike style BOF/COFF loaders.β218Updated 2 months ago
- Go implementation of the Heaven's Gate techniqueβ98Updated 4 years ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell proβ¦β85Updated last year
- A basic emulation of an "RPC Backdoor"β240Updated 2 years ago
- A C2 framework for initial access in Goβ180Updated 2 years ago