mbhatt1 / PhantomPipeLinks
A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and result collection. By tunneling through ngrok, you can quickly expose your C2 server to the public internet for rapid testing and demonstration.
☆30Updated 8 months ago
Alternatives and similar repositories for PhantomPipe
Users that are interested in PhantomPipe are comparing it to the libraries listed below
Sorting:
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆33Updated 2 years ago
- ☆18Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Updated 2 years ago
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 3 years ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Updated 3 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- ☆19Updated 3 years ago
- ManageEngine ADManager Command Injection☆11Updated 2 years ago
- ☆58Updated 2 years ago
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆35Updated 2 years ago
- Remotely dump NT hashes through Windows Crash dumps☆34Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆37Updated 3 weeks ago
- A library to parse, modify, and implement Malleable C2 profiles☆27Updated 6 years ago
- ☆10Updated 2 years ago
- Tools for Attacking Pleasant Password Server☆22Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆32Updated 3 years ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆31Updated 2 years ago
- ☆13Updated last year
- Persistence via Shell Extensions☆63Updated 2 years ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆40Updated 2 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Updated 3 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 3 years ago
- Small POC for process ghosting☆40Updated 3 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆31Updated last year
- Elasticsearch Stack Overflow Vulnerability☆18Updated 2 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host☆40Updated 2 years ago
- ☆31Updated 3 years ago
- Rust implementation of the Process Herpaderping☆24Updated 2 years ago