Security Operations for Payload Generation
Security operations tools for SIEM, SOAR, threat hunting, incident response, and security operations center (SOC) management. Task: Payload Generation
Browse 27 security tools
FEATURED
USE CASES
Red team toolkit for EDR evasion, initial access, and post-exploitation.
A covert channel technique that uses WebDAV protocol features to deliver malicious payloads and establish C2 communication while bypassing security controls.
A tutorial on how to use Apache mod_rewrite to randomly serve payloads in phishing attacks
InvalidSign is a security research tool that bypasses endpoint solutions by obtaining valid signed files with different hashes to evade signature-based detection mechanisms.
A honeypot specifically designed to detect and capture Log4Shell vulnerability exploitation attempts with payload analysis and flexible logging capabilities.
A unified repository for different Metasploit Framework payloads.
A payload creation framework for generating and executing C# code payloads with anti-evasion capabilities for offensive security operations.
A proof-of-concept executable injection tool that compiles and launches parasitic executables within target processes using standard or stealth injection techniques.
A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.
A collection of tools that execute programs directly in memory using various delivery methods including URL downloads and netcat connections.
A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.
Ebowla is a tool for generating payloads in Python, GO, and PowerShell with support for Reflective DLLs.
A proof-of-concept tool that generates Excel BIFF8 files with embedded 4.0 macros programmatically without requiring Microsoft Excel installation.
TikiTorch is a process injection tool that executes code within the address space of other processes using various injection techniques.
SourcePoint generates customizable C2 profiles for Cobalt Strike servers to enhance evasion capabilities against security defenses.
A payload creation framework designed to bypass Endpoint Detection and Response (EDR) systems.
A proxy aware C2 framework for penetration testing, red teaming, post-exploitation, and lateral movement with modular format and highly configurable payloads.
A macOS Initial Access Payload Generator for penetration testing and red teaming exercises.
Macro_Pack automates the generation and obfuscation of Office documents and scripts for penetration testing and security assessments.
Ivy is a payload creation framework for executing arbitrary VBA source code directly in memory, utilizing programmatical access to load, decrypt, and execute shellcode.
Havoc is a malleable post-exploitation command and control framework that provides a client-server architecture with payload generation, customizable C2 profiles, and team collaboration capabilities for red team operations.
A tool that generates .NET serialized gadgets for triggering assembly load and execution through BinaryFormatter deserialization in JavaScript, VBScript, and VBA scripts.
EvilClippy is a cross-platform tool that creates malicious MS Office documents with hidden VBA macros and evasion techniques for penetration testing and red team operations.
A shellcode generator that creates position-independent code for loading and executing .NET Assemblies, PE files, and Windows payloads from memory.