mbhatt1 / PhantomPipeLinks
A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and result collection. By tunneling through ngrok, you can quickly expose your C2 server to the public internet for rapid testing and demonstration.
☆31Updated 8 months ago
Alternatives and similar repositories for PhantomPipe
Users that are interested in PhantomPipe are comparing it to the libraries listed below
Sorting:
- ☆18Updated this week
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Updated 2 years ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Updated 3 months ago
- Remotely dump NT hashes through Windows Crash dumps☆34Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 3 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆33Updated 2 years ago
- Ntdll Unhooking POC☆19Updated 3 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Updated 2 years ago
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Updated last year
- ☆60Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆37Updated last month
- ☆19Updated 3 years ago
- A library to parse, modify, and implement Malleable C2 profiles☆27Updated 6 years ago
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆35Updated 4 years ago
- Repository for dirty scripts and PoCs☆20Updated 10 months ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Updated 2 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Updated 3 years ago
- ADSI based SA tool☆17Updated 3 years ago
- ☆26Updated 3 years ago
- ☆30Updated 3 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Updated 3 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Updated 3 years ago
- Small utility package for manipulating Windows process tokens☆26Updated 3 years ago
- ☆11Updated 2 years ago
- A C# tool for extracting information from SCCM PXE boot media.☆36Updated this week
- A simple rpc2socks alternative in pure Go.☆31Updated last year
- Rust implementation of the Process Herpaderping☆24Updated 2 years ago
- AWSDoor is a red team automation tool designed to simulate advanced attacker behavior in AWS environments☆30Updated 4 months ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Updated 3 years ago