Raspberry Pi Implant Builder
Scripts and configurations to turn a Raspberry Pi into a network drop-box implant: auto-connect VPN, WiFi exfil, USB HID keylogger, persistent reverse shell.
Professional offensive security tools & exploit frameworks
Payload generator that evades AMSI (Antimalware Scan Interface) on Windows. Multiple techniques: patching, reflection, CLM bypass.
C/C++ module that disables Event Tracing for Windows (ETW) to prevent malicious activity logging by EDRs and Defender.
C shellcode loader with multiple sandbox evasion techniques: sleep acceleration detection, hardware checks, user interaction.
Obfuscation engine for PowerShell scripts: variable renaming, string encoding, command aliasing, AST manipulation. Evades AMSI and logging.
C library that restores the original ntdll.dll from disk to remove EDR hooks. Methods: KnownDlls, disk read, suspended process.
Collection of 12 process injection techniques implemented in C: classic, APC, thread hijacking, process hollowing, module stomping.
Script that enumerates and abuses Windows Defender configured exclusions to execute payloads from excluded paths.
Local proxy that disguises C2 traffic as legitimate traffic: HTTPS with domain fronting, DNS over HTTPS, WebSocket over CDN.
Collection of 40+ scripts using only native Windows binaries (LOLBins) for recon, execution, persistence, and exfiltration.
Custom x64 shellcode generator: reverse shell, bind shell, download-exec, staged. Output in C, Python, raw, base64.
Automated pipeline for Android APK decompilation and analysis: extracts source code, searches for hardcoded secrets, maps API endpoints.