Malleable C2 Profile Generator
Malleable C2 profile generator for Cobalt Strike and Sliver. Produces profiles that mimic legitimate CDN, cloud service, and popular app traffic.
Arsenal
Professional offensive security tools & exploit frameworks
120
Tools
12
Categories
SOCKS5 Proxy Pivoting Module
Standalone SOCKS5 pivoting module in C. Static binary under 100KB that creates a SOCKS5 proxy on the compromised host for pivoting into internal networks.
Process Injection Techniques Library
C/C++ library with 8 Windows process injection techniques: Classic DLL, Process Hollowing, APC Queue, Syscall-based, and more.
Phishing Infrastructure Deployer
Bash/Terraform script that deploys complete phishing infrastructure: GoPhish + Evilginx2 + categorized domain + SSL certificates.
BOF Collection for Cobalt Strike
Pack of 15 Beacon Object Files (BOFs) for Cobalt Strike: enumeration, credential access, lateral movement, and defense evasion.
Active Directory Enumeration Script
Pure PowerShell script (no external modules) for complete Active Directory enumeration: users, groups, GPOs, ACLs, trusts, SPNs.
Kerberoast Extractor
Python script that performs Kerberoasting against Active Directory: requests TGS tickets for SPN-enabled accounts and exports hashes for offline cracking.
Covenant C2 Agent Builder
Custom .NET C2 agent generator: HTTP/HTTPS/SMB stagers with obfuscation, in-memory compilation, and AMSI evasion.
SSH Tunneling Toolkit
Collection of scripts and configurations for advanced SSH pivoting: local/remote/dynamic forwarding, ProxyJump chains, and SOCKS routing.
NTLM Relay Attack Module
Python module for NTLM relay attacks: captures NTLM authentications and relays them to SMB, LDAP, HTTP, MSSQL services.