What is Nighthawk?

Nighthawk is the most advanced and evasive command-and-control framework available on the market. Designed for lawful red team operations, Nighthawk empowers red teams by providing the benefits of a custom research and development facility.

Built with operational security in mind, Nighthawk is a highly malleable implant designed to circumvent and evade the modern security controls often seen in mature, highly monitored environments.

Features Overview:

• Multi-operator, API driven, highly malleable native implant,
• Extensible, profile-driven, custom command-and-control in .NET,
• Advanced in-memory obfuscation and evasion strategies,
• Operationally secure post-exploitation features, optionally implemented using syscalls,
• In-process and remote process .NET assembly execution,
• Support for both x86 and x64 Beacon Object Files (BOFs),
• Hidden desktop for visualling interacting with thick client applications
• OpSec safe loader PE generators for DLL hijacking, EXEs, Service Exes, CPLs, XLLs etc
• Token stores, keystroke loggers, screen grabbers and credential recovery,
• Much, much more.

Purchasing Nighthawk

Nighthawk is available for general public release, subject to export controls and appropriate client vetting. For further details of the Nighthawk 0.2.6 release, please refer to our release post.

Licensing

• New Nighthawk licenses cost £7,500 (or $10,000 for USD transactions) per user for one year,
• A minimum of 3 user licenses must be acquired,
• Prices valid as of January 2024.

All enquiries are subject to client vetting and appropriate export controls.

To receive a quote, ask further questions or begin the purchasing process, please reach out to us using nighthawk[at]mdsec.co.uk.

Please note, we do not offer on-premise product trials or evaluations.

Showcase

Curious about what Nighthawk is capable of? We’ve created a selection of videos to showcase just a handful of the features: