This is your work, valued

Valencia

pard0p

Advanced
@pard0p

“Honor is dead, but I’ll see what I can do”

CallstackSpoofingPOC. C++ self-Injecting dropper based on various EDR evasion techniques.

442

Remote-BOF-Runner. Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace.

102

PICO-Implant. PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage and modular C2 implant made of PICOs.

56

Self-Cleaning-PICO-Loader. Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution.

55

LibWinHttp. LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTTP/HTTPS transport layer communication.

45

LibPicoManager. LibPicoManager is a unified PICO management framework that provides centralized control over PICOs in memory, enabling dynamic code loading, runtime PICO substitution, and advanced evasion techniques like sleep masking through a single RWX code block.

43

LibIPC. LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes.

29

Inception. ROP gadget-based sleep obfuscation technique

13

GadgetInspector. Gadget-based Callstack Spoofing Detector.

13

SSN_Finder. Custom implementation of the HellsGate algorithm for SSN search.

8

TCG_Loaders. Proof-of-concept repository for custom loaders built on the Crystal Palace framework.

2

socks_proxy. socks5 proxy server in C

1

HTML2PDF_Vulnerable. Web vulnerable a SSRF mediante la generación de PDFs.

1