mav8557 / Father

Related projects ⓘ

Alternatives and complementary repositories for Father

• h3xduck / Umbra
  A LKM rootkit targeting 4.x and 5.x kernel versions which opens a backdoor that can spawn a reverse shell to a remote host, launch malwar…
  ☆119Updated 3 years ago
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆223Updated 4 months ago
• MythicAgents / Medusa
  Medusa is a cross-platform C2 agent compatible with Python 2.7 and 3.8, compatible with Mythic
  ☆165Updated last year
• dobin / antnium
  A C2 framework for initial access in Go
  ☆172Updated 2 years ago
• IkerSaint / KingHamlet
  Process Ghosting Tool
  ☆166Updated 3 years ago
• last-byte / RIPPL
  RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows
  ☆6Updated 2 years ago
• RedTeamOperations / Journey-to-McAfee
  ☆112Updated 2 years ago
• HavocFramework / Talon
  (Demo) 3rd party agent for Havoc
  ☆129Updated last year
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆371Updated 3 months ago
• MythicAgents / merlin
  Cross-platform post-exploitation HTTP Command & Control agent written in golang
  ☆89Updated last month
• FalconForceTeam / BOF2shellcode
  POC tool to convert CobaltStrike BOF files to raw shellcode
  ☆173Updated 3 years ago
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆317Updated 4 months ago
• OccamsXor / Dragnmove
  Infect Shared Files In Memory for Lateral Movement
  ☆192Updated last year
• adamsvoboda / nim-loader
  WIP shellcode loader in nim with EDR evasion techniques
  ☆209Updated 2 years ago
• kleiton0x00 / Shelltropy
  A technique of hiding malicious shellcode via Shannon encoding.
  ☆247Updated 2 years ago
• S3cur3Th1sSh1t / Caro-Kann
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆346Updated last year
• VirtualAlllocEx / Payload-Download-Cradles
  This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …
  ☆258Updated 2 years ago
• reevesrs24 / EvasiveProcessHollowing
  Evasive Process Hollowing Techniques
  ☆134Updated 4 years ago
• Error996 / bdvl
  bdvl
  ☆109Updated 2 years ago
• mgeeky / ElusiveMice
  Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
  ☆423Updated last year
• N4kedTurtle / PersistBOF
  A BOF to automate common persistence tasks for red teamers
  ☆266Updated last year
• Kudaes / Fiber
  Using fibers to run in-memory code.
  ☆196Updated last year
• preemptdev / bluffy
  Convert shellcode into different formats!
  ☆343Updated last year
• eladshamir / RPC-Backdoor
  A basic emulation of an "RPC Backdoor"
  ☆208Updated 2 years ago
• florylsk / RecycledInjector
  Native Syscalls Shellcode Injector
  ☆262Updated last year
• Enelg52 / KittyStager
  KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…
  ☆213Updated last year
• boku7 / HOLLOW
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆266Updated last year
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆150Updated 2 years ago