Hi! Could you send me a private message? I’d like to show you something about the project

I managed it: marketplace.visualstudio.com/items?itemNa...

GitHub - pard0p/Remote-BOF-Runner: Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace. Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal Palace. - pard0p/Remote-BOF-Runner

To wrap up the year, I've published this Havoc extension that enables remote execution of Beacon Object Files (BOFs) using a PIC loader built with Crystal Palace.

github.com/pard0p/Remot...

GitHub - pard0p/LibPicoManager: LibPicoManager is a unified PICO management framework that provides centralized control over Position Independent Code Objects in shared memory, enabling dynamic code l... LibPicoManager is a unified PICO management framework that provides centralized control over Position Independent Code Objects in shared memory, enabling dynamic code loading, runtime PICO substitu...

LibPicoManager is a unified PICO management framework that provides centralized control over PICOs in memory, enabling dynamic code loading, runtime PICO substitution, and advanced evasion techniques like sleep masking through a single RWX code block.

github.com/pard0p/LibPi...

Tradecraft Engineering with Aspect-Oriented Programming It’s 2025 and apparently, I’m still a Java programmer. One of the things I never liked about Java’s culture, going back many years ago, was the tendency to hype frameworks that seemed to over-engin…

Tradecraft Engineering with Aspect-Oriented Programming

@rastamouse.me pretty much predicted what was coming in his last blog post. attach (Win32 APIs), redirect (local funcs), capability right-sized IAT hooks, and PICO function exports.

Yes, attach can incept its PIC.

aff-wg.org/2025/11/10/t...

GitHub - pard0p/PICO-Implant: PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible... PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage...

I've updated github.com/pard0p/PICO-... to execute indirect syscalls via LibTP + an enhanced version of LibGate.

I hope this helps to demonstrate the utility of shared libraries in Crystal Palace projects 😁

GitHub - pard0p/PICO-Implant: PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible... PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage...

PICO-Implant is a Proof of Concept C2 implant built using Position-independent Code Objects (PICO) for modular functionality. This project demonstrates that It's possible to build a multi-stage and modular C2 implant made of PICOs.

github.com/pard0p/PICO-...

GitHub - pard0p/LibWinHttp: LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO... LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTT...

LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to facilitate the development of PICO modules that require HTTP/HTTPS transport layer communication.

github.com/pard0p/LibWi...

Thank you so much. I hope this allows devs to focus and create new offensive capabilities for C2 environments in less time. Also, to be able to do it in a more user-friendly way 😁

GitHub - pard0p/LibIPC: LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes. LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes. - pard0p/LibIPC

LibIPC is a simple Crystal Palace shared library for inter-process communication, based on Named Pipes.

github.com/pard0p/LibIPC

GitHub - pard0p/Self-Cleaning-PICO-Loader: Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution. Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution. - pard0p/Self-Cleaning-PICO-Loader

@raphaelmudge.bsky.social , thanks to Crystal Palace I just published a proof-of-concept of a self-cleaning, in-memory PICO loader.

github.com/pard0p/Self-...