@pard0p.bsky.social
📤 22
📥 30
📝 8
reposted by
_RastaMouse
3 months ago
I managed it:
marketplace.visualstudio.com/items?itemNa...
add a skeleton here at some point
0
4
3
To wrap up the year, I've published this Havoc extension that enables remote execution of Beacon Object Files (BOFs) using a PIC loader built with Crystal Palace.
github.com/pard0p/Remot...
loading . . .
GitHub - pard0p/Remote-BOF-Runner: Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace.
Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace. - pard0p/Remote-BOF-Runner
https://github.com/pard0p/Remote-BOF-Runner
3 months ago
0
4
3
LibPicoManager is a unified PICO management framework that provides centralized control over PICOs in memory, enabling dynamic code loading, runtime PICO substitution, and advanced evasion techniques like sleep masking through a single RWX code block.
github.com/pard0p/LibPi...
loading . . .
GitHub - pard0p/LibPicoManager: LibPicoManager is a unified PICO management framework that provides centralized control over Position Independent Code Objects in shared memory, enabling dynamic code l...
LibPicoManager is a unified PICO management framework that provides centralized control over Position Independent Code Objects in shared memory, enabling dynamic code loading, runtime PICO substitu...
https://github.com/pard0p/LibPicoManager
4 months ago
0
3
3
reposted by
Raphael Mudge
4 months ago
Tradecraft Engineering with Aspect-Oriented Programming
@rastamouse.me
pretty much predicted what was coming in his last blog post. attach (Win32 APIs), redirect (local funcs), capability right-sized IAT hooks, and PICO function exports. Yes, attach can incept its PIC.
aff-wg.org/2025/11/10/t...
loading . . .
Tradecraft Engineering with Aspect-Oriented Programming
It’s 2025 and apparently, I’m still a Java programmer. One of the things I never liked about Java’s culture, going back many years ago, was the tendency to hype frameworks that seemed to over-engin…
https://aff-wg.org/2025/11/10/tradecraft-engineering-with-aspect-oriented-programming/
0
10
10
I've updated
github.com/pard0p/PICO-...
to execute indirect syscalls via LibTP + an enhanced version of LibGate. I hope this helps to demonstrate the utility of shared libraries in Crystal Palace projects 😁
loading . . .
GitHub - pard0p/PICO-Implant: PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible...
PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage...
https://github.com/pard0p/PICO-Implant/
4 months ago
0
3
1
PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage and modular C2 implant made of PICOs.
github.com/pard0p/PICO-...
loading . . .
GitHub - pard0p/PICO-Implant: PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible...
PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage...
https://github.com/pard0p/PICO-Implant
4 months ago
0
5
4
LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTTP/HTTPS transport layer communication.
github.com/pard0p/LibWi...
loading . . .
GitHub - pard0p/LibWinHttp: LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO...
LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTT...
https://github.com/pard0p/LibWinHttp
4 months ago
0
3
3
LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes.
github.com/pard0p/LibIPC
loading . . .
GitHub - pard0p/LibIPC: LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes.
LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes. - pard0p/LibIPC
https://github.com/pard0p/LibIPC
5 months ago
1
5
4
@raphaelmudge.bsky.social
, thanks to Crystal Palace I just published a proof-of-concept of a self-cleaning, in-memory PICO loader.
github.com/pard0p/Self-...
loading . . .
GitHub - pard0p/Self-Cleaning-PICO-Loader: Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution.
Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution. - pard0p/Self-Cleaning-PICO-Loader
https://github.com/pard0p/Self-Cleaning-PICO-Loader
5 months ago
0
2
1
you reached the end!!
feeds!
log in
