eXtensiable Malware Toolkit: Full Featured Golang C2 Framework with Awesome Features
☆105Dec 17, 2025Updated 3 months ago
Alternatives and similar repositories for XMT
Users that are interested in XMT are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Golang C2 Server and Agents using XMT (https://github.com/iDigitalFlame/xmt)☆41Dec 17, 2025Updated 3 months ago
- A third-party Gopher Assassin for the Havoc Framework.☆44Jan 1, 2024Updated 2 years ago
- ☆15Nov 24, 2022Updated 3 years ago
- KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…☆229Jun 6, 2023Updated 2 years ago
- Proofs-Of-360Security Sandbox Escape☆10Mar 18, 2022Updated 4 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Mar 16, 2022Updated 4 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆174Mar 15, 2023Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆85Feb 26, 2023Updated 3 years ago
- Go shellcode loader that combines multiple evasion techniques☆388Jun 21, 2023Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Using fibers to run in-memory code.☆243Oct 19, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- A Golang implant that uses Discord as a C2 team server☆64Nov 28, 2024Updated last year
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆115Aug 29, 2022Updated 3 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆194Nov 15, 2022Updated 3 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆91Sep 9, 2022Updated 3 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- ShootCutMe an .LNK file creator tool for redteamer☆16Oct 2, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A Go tool to obfuscate and deobfuscate the code and file.☆13May 29, 2022Updated 3 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms☆53Sep 4, 2021Updated 4 years ago
- A C# Command & Control framework☆1,027Mar 28, 2024Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 10 months ago
- Windows API/constants, identity, and WinHTTP/WinINet for Go.☆19Mar 6, 2026Updated 2 weeks ago
- windows task scheduler in golang☆29Sep 6, 2021Updated 4 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago
- Monarch - The Adversary Emulation Toolkit☆64Jan 7, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆60Dec 15, 2023Updated 2 years ago
- APT38 Tactic PoC for Stealing 0days from security researchers☆325May 30, 2025Updated 9 months ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!☆28Aug 19, 2024Updated last year
- golang amsi bypass☆30Dec 4, 2021Updated 4 years ago
- Winsocket for Cobalt Strike.☆104Jul 6, 2023Updated 2 years ago