-
im in school lol
- userland
- https://codex-7.gitbook.io
- @codex_tf2
-
WindowSpy Public
WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
-
WebcamBOF Public
Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
-
ScreenshotBOF Public
An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.
-
codexs-useful-utils Public
Misc utils I made here and there, collected in one place
-
sliver Public
Forked from BishopFox/sliver
Adversary Emulation Framework
-
PyHmmm Public
Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog post as a tutorial sample
-
ghost Public
Forked from trickster0/ghost
A sample client/server architecture
Python, updated Sep 14, 2023
-
Burp2Malleable Public
Quick Python utility I wrote to turn HTTP requests from Burp Suite into Cobalt Strike Malleable C2 profiles
-
rogue Public
Forked from RATandC2/rogue
A barebones template of 'rogue' aka a simple recon and agent deployment I built to communicate over ICMP. Well, without the ICMP code.
C, updated Apr 6, 2023
-
titanldr-ng Public
Forked from klezVirus/titanldr-ng
A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.
-
evasion-adventures-files Public
Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"
-
titan Public
Forked from seahop/titan
Titan: A generic user defined reflective DLL for Cobalt Strike
-
HavocNotion Public
A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally safe or stable, built as a PoC to showcase Havoc C2's modula…
-
cobaltstrike-headless Public
Aggressor script that turns the headless Aggressor client into a (mostly) functional Cobalt Strike client.
-
cobaltstrike-sleepmask-yara Public
Just a git repo for the sleepmask detection rule I found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-strike/sleep-mask-kit-iocs
-
AceLdr Public
Forked from kyleavery/AceLdr
Cobalt Strike UDRL for memory scanner evasion.
-
DynamicWrapperDotNet Public
Forked from BackupHouse/DynamicWrapperDotNet
Dynamically Loads Assembly and Calls Methods from JScript
-
SharpAwareness Public
Light and more OPSEC friendly way for red teamers to gain quick situational awareness of both the host and the user.
-
BusySleepBeacon Public
This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built-in Sleep() call. Most of the structure e.g. Sleep hook, shell…
-
beacon_notify_discordhook Public
Probably the easiest way to set up new beacon notifications in Cobalt Strike