whiskers/phorcy-stealer
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
phorcy-stealer/README.md
unknown 0b60404558 Full refactor/better docs
2026-02-01 04:09:42 +01:00

2.9 KiB
Raw Permalink Blame History

Phorcy

Status: In active development
Primary Languages: C++, Nim, Python, JavaScript, Elixir, D, Rust
Project Type: Post-exploitation C2 framework
Last Major Update: 1st of February 2026

Overview

Phorcy is an experimental, multi-language post-exploitation c2 framework focused on efficiency, lightweight executables, and cross-language interoperability featuring multiple exfiltration features.

This project is still evolving, with several core systems being actively reworked and standardized.

Architecture (High Level)

Phorcy follows a layered design:

Layer Language Purpose
Core C2 Payload for both Windows & Linux C++ Performance-critical logic, base framework, and foundational modules
Bootstrap / Lightweight Loader & Loader Nim Minimal initialization and low-level exploitation components
Tooling & Automation Python / JavaScrip / TypeScript / Elixir Obfuscation scripts, tests, build tooling, and telegram robot/discord webhook management
Cryptographic Tooling / Libraries D / Rust Customized Threefish512-CTR with BLAKE3-MAC verify-before-decrypt / Slightly ported/forked Curve41417

This structure allows a clean separation of responsibilities between languages.

Project Status

Phorcy is unfinished and considered a long-term experimental project. Internal structures, interfaces, and design choices may change significantly.

Changelog

Major Project Changes

1st of February 2026 - Project was entirely revived, new dev joined & is now in active development again

  • A full foundational base structure has now been established, replacing earlier experimental fragments.
  • The codebase was largely rewritten in C++ to improve performance, consistency, and maintainability.
  • The Nim portion was reduced to a stager and registry high-level API wrapper.
  • Internal module organization and architecture were standardized.
  • Cookie joined the development team.
  • Synthetic is no longer involved in the project.
  • Eline is no longer involved in the project.
  • Threefish512-CTR / curve41417 is being implemented into the project.

29th November 2023 - "Contains numerous new tools in NIM (tested on v. 2.0.0 unless written otherwise) that implement very important features for a project like this."

~

Roadmap

Planned areas of exploration include:

  • A REST API layer to route discord/telegram API/local web api requests and process lightweight agent information
  • A telegram-based robot for build and packaging workflows
  • Expanded linux support.
  • A unified remote management and service integration framework within the main architecture.
  • Continued modularization and documentation improvements.
Reference in New Issue View Git Blame Copy Permalink