Search
Collection
Category
Tag
Blog
Pricing
Submit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

Email

AISecKit

Curated AI security tools & LLM safety resources for cybersecurity professionals

Product

Search
Collection
Category
Tag

Resources

Blog
Pricing
Submit

Tools

🔥Marathons Tools

Company

About Us
Privacy Policy
Terms of Service
Sitemap

Copyright © 2025 All Rights Reserved.

Home
Category
damnCoffee

damnCoffee

A simple post-exploitation loader that bypasses AV/EDR.

Introduction

Information

Publisher
AISecKit
Websitegithub.com
Published date2025/04/28

Categories

Penetration Testing
Red Team Testing Tools
Exploitation Frameworks

Tags

Security Auditing
Open Source
Incident Response
Red Team Operations

More Products

image of Phantom

DevSecOps ToolsPenetration TestingVulnerability Scanners

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Security Auditing Open Source Incident Response Vulnerability Scanning API Security+1

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt Injection Generative AI Red Team Testing Data Poisoning

Folly

Open-source LLM Prompt-Injection and Jailbreaking Playground for testing LLM security vulnerabilities.

Prompt Injection Open Source API Security Security Testing LLM Security+1

damnCoffee

damnCoffee is a simple post-exploitation loader designed to bypass antivirus and endpoint detection and response (EDR) systems. It allows users to execute shellcode embedded in a PNG image, making it a useful tool for penetration testers and security researchers.

Key Features:

Bypass AV/EDR: Effectively bypasses common antivirus and EDR solutions.
Easy to Use: Simple instructions for embedding shellcode into PNG files.
Open Source: The tool is open-source, allowing for community contributions and transparency.

Benefits:

Enhanced Security Testing: Provides a method for testing the effectiveness of security measures in place.
Customizable: Users can modify the code to suit their specific needs, including adapting for 32-bit shellcode.

Highlights:

Tested with 360 security software, with user feedback encouraged for bug reporting and improvements.