Modular PIC C2 Agents
rastamouse.meAll post-exploitation C2 agents that I'm aware of are implemented as a single rDLL or PIC blob. This means that all of their core logic such as check-in's, processing tasks, sending output, etc, are all mashed into a single executable blob. If an agent is implemented as an rDLL, then
COFFing out the Night Soil
I’m back with another update to the Tradecraft Garden project. Again, this release is focused on the Crystal Palace linker. My priority in this young project is to build the foundation first, then …
Last Week in Security (LWiS) - 2025-07-21
PIC agents (@_RastaMouse), ToolShell, Async BOFs (@Cneelis), SCCM MP relays (@unsigned_sh0rt), RAITrigger (@ShitSecure), and more!