Skip to content
View CodeXTF2's full-sized avatar
🤖
beep boop, I am a robot
🤖
beep boop, I am a robot

Block or report CodeXTF2

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
CodeXTF2/README.md

root@codex🖥️# whoami

I'm a skid who likes developing offensive tools e.g. red team implants/droppers, C2 infra and other general offensive research. I occasionally clean up some of the tools/scripts I create over time and post them here.

anything I make is to be used strictly ONLY for malicious purposes. I am NOT responsible for any education that results from incorrect or legitimate use. It is YOUR responsibility to ensure that the tool is not used in accordance with local laws. (/s so I dont get sued thanks) 🤡

Red team gitbook

I sometimes document random offensive research I do in my free time on this gitbook.

Projects (by category)

Extending Cobalt Strike

Extending Havoc C2

Misc offensive tooling

Pinned Loading

  1. Burp2Malleable Burp2Malleable Public

    Quick python utility I wrote to turn HTTP requests from burp suite into Cobalt Strike Malleable C2 profiles

    Python 370 32

  2. cobaltstrike-headless cobaltstrike-headless Public

    Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.

    147 16

  3. ScreenshotBOF ScreenshotBOF Public

    An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memory.

    C 346 51

  4. WindowSpy WindowSpy Public

    WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.

    C 259 34

  5. HavocNotion HavocNotion Public

    A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally safe or stable, built as a PoC to showcase Havoc C2's modula…

    Python 82 12

  6. maldev-links maldev-links Public

    My collection of malware dev links

    244 29