eXtensiable Malware Toolkit: Full Featured Golang C2 Framework with Awesome Features
☆104Dec 17, 2025Updated 3 months ago
Alternatives and similar repositories for XMT
Users that are interested in XMT are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Golang C2 Server and Agents using XMT (https://github.com/iDigitalFlame/xmt)☆42Dec 17, 2025Updated 3 months ago
- A third-party Gopher Assassin for the Havoc Framework.☆45Jan 1, 2024Updated 2 years ago
- ☆15Nov 24, 2022Updated 3 years ago
- KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…☆229Jun 6, 2023Updated 2 years ago
- Proofs-Of-360Security Sandbox Escape☆10Mar 18, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Mar 16, 2022Updated 4 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆174Mar 15, 2023Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- The Scorebot Engine is a platform that allows scoring, host checking and other cool stuff☆10Nov 10, 2024Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆85Feb 26, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Go shellcode loader that combines multiple evasion techniques☆388Jun 21, 2023Updated 2 years ago
- Using fibers to run in-memory code.☆243Oct 19, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- A Golang implant that uses Discord as a C2 team server☆65Nov 28, 2024Updated last year
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆115Aug 29, 2022Updated 3 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆194Nov 15, 2022Updated 3 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆91Sep 9, 2022Updated 3 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ShootCutMe an .LNK file creator tool for redteamer☆16Oct 2, 2024Updated last year
- A Go tool to obfuscate and deobfuscate the code and file.☆13May 29, 2022Updated 3 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆53Sep 4, 2021Updated 4 years ago
- A C# Command & Control framework☆1,030Mar 28, 2024Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 11 months ago
- Windows API/constants, identity, and WinHTTP/WinINet for Go.☆19Mar 6, 2026Updated last month
- windows task scheduler in golang☆29Sep 6, 2021Updated 4 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago
- Monarch - The Adversary Emulation Toolkit☆64Jan 7, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- APT38 Tactic PoC for Stealing 0days from security researchers☆325May 30, 2025Updated 10 months ago
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆28Aug 19, 2024Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆63Apr 4, 2026Updated last week
- golang amsi bypass☆30Dec 4, 2021Updated 4 years ago