Donut
Featured🔥 Offensive Ops · C
Donut is a position-independent code generation tool that creates x86 or x64 shellcode payloads from .NET assemblies, PE files, DLLs, and VBS/JS/XSL files. The generated shellcode can load and execute the payload entirely in memory without touching disk, making it extremely useful for AV/EDR evasion. Donut supports encryption (Chaskey cipher), decoy module loading, and CLR bootstrapping for .NET payloads. It's a critical component in modern red team toolchains.
Use Cases
- Converting .NET tools to position-independent shellcode
- In-memory payload execution without disk writes
- AV/EDR evasion through shellcode injection
- Custom loader development for red team operations
- Embedding tools in exploit payloads
Tags
Details
- Category
- 🔥 Offensive Ops
- Language
- C
- Repository
- TheWover/donut
Platforms
More in Offensive Ops
Mythic
GoCollaborative, multi-platform C2 framework. Docker-based with web UI, multiple agent types, and plugin architecture.
Havoc
C/C++Modern C2 framework. Qt-based GUI, BOF support, custom agents, and a Cobalt Strike-inspired workflow.
Rubeus
C#C# toolset for raw Kerberos interaction and abuse. AS-REP roasting, Kerberoasting, ticket manipulation, delegation attacks.
Certipy
PythonActive Directory Certificate Services (AD CS) abuse tool. Find and exploit certificate template misconfigurations.
Coercer
PythonAutomatically find and exploit Windows authentication coercion vulnerabilities. PetitPotam, PrinterBug, and more.
SharpHound
C#Official BloodHound data collector. Enumerates Active Directory objects, sessions, ACLs, and trusts for graph analysis.