arsenal — 11 tools / 18 machines / 35 challenges

Arsenal

Custom offensive security tools, HTB machines pwned, and challenges solved.

Categories: Evasion (3), AD Automation (2), C2 (1), Forensics (1), Detection (1), RAT (1), Payload Gen (1), Utility (1)
| Tool | Category | Version |
|---|---|---|
| GhostProtocol (48K LOC): Next-gen C2 framework — full PIC agent, DeathSleep, cloud dead-drops, LayeredSyscall, patchless ETW/AMSI, 50+ post-ex tasks | C2 | v1.0.0 |
| SpecterForge: Polymorphic AV/EDR evasion — ChaCha20, environmental keying, 4 injection techniques, NTDLL unhooking, polymorphic engine | Evasion | v2.2.0 |
| PhantomForge: Native C evasion framework — AES-256-CBC, 5 syscall methods, 8 injection techniques, HW breakpoint AMSI/ETW bypass | Evasion | v1.0.0 |
| BloodStrike: AD attack chain automator — 17 modules, persistent credential store, adaptive attack graph, goal-seeking engine | AD Automation | v1.0.0 |
| AD Automation Suite (40K LOC): 26 scripts (13 modules) covering full AD attack lifecycle — CAPE-based, tested on 3 HTB machines | AD Automation | v1.0.0 |
| Spectra: Network telemetry analysis and correlation engine — modular parsers, analyzers, correlators, reporters | Forensics | v1.0.0 |
| Cerberus: AI-powered threat detection framework — modular collectors, detectors, and analyzers | Detection | v0.1.0 |
| Ghostwire: C#/.NET AV evasion payload generator — Mono/csc.exe compilation, P/Invoke obfuscation | Evasion | v1.0.0 |
| LinRAT: Linux RAT — reverse TCP C2, remote shell, file transfer, cron persistence, XOR-obfuscated protocol | RAT | v1.0.0 |
| Malgen: Simple malware generator CLI — XOR encoding, C templates, MinGW compilation | Payload Gen | v0.1.0 |
| HTB Session: Persistent shell session manager — SSH, reverse listeners, shell upgrades, tunnel pivoting via MCP | Utility | v1.0.0 |