What is Nighthawk?

Nighthawk is an advanced command-and-control framework, designed for lawful red team operations.

Built with operational security in mind, Nighthawk is a highly malleable implant designed to circumvent and evade the modern security controls often seen in mature, highly monitored environments.

Features Overview:

  • Multi-operator, API driven, highly malleable native implant,
  • Extensible, profile-driven, custom command-and-control in .NET,
  • Advanced in-memory obfuscation and evasion strategies,
  • Operationally secure post-exploitation features, optionally implemented using syscalls,
  • In-process and remote process .NET assembly execution,
  • Support for both x86 and x64 Beacon Object Files (BOFs),
  • Token stores, keystroke loggers, screen grabbers and credential recovery,
  • Much, much more.

Getting Nighthawk

Nighthawk is currently not available for general public release, however we are working with a number of early adopters. If you’d like to be considered for this programme, please reach out to us using nighthawk[at]

Please note, Nighthawk is subject to export controls and all enquires will be subject to the appropriate client vetting.


  • New Nighthawk licenses cost £7,500 per user for one year,
  • A minimum of 3 user licenses must be acquired.

To receive a quote, ask further questions, arrange a demo or begin the purchasing process, please reach out to us using nighthawk[at]


Curious about what Nighthawk is capable of? We’ve created a selection of videos to showcase just a handful of the features:

written by

MDSec Research

Ready to engage
with MDSec?

Copyright 2021 MDSec