Unit-01 is a proprietary Command and Control framework engineered for professional red teams. Experience unprecedented stealth, operational flexibility, and deterministic agent behavior in modern enterprise environments.
Unit-01 provides the tactical edge required to simulate sophisticated adversaries against today's defensive stacks.
Agents operate fully in memory with configurable lifetimes. Stage-1 loaders leave minimal forensic artifacts, and beacon sessions can self-destruct based on operator-defined triggers.
Dynamically rotate between HTTPS, DNS, and custom protocols mid-operation. Beacon traffic mimics legitimate cloud services and CDN patterns specific to the target environment.
A core library of built-in modules for AD enumeration, credential access, and lateral movement. A simple Go/Python SDK lets teams develop and share custom operational modules.
The team server supports multiple simultaneous operators with fine-grained permissions, real-time shared logs, and session locking to prevent operational conflicts.
A closer look at the components that make Unit-01 a robust platform for advanced adversary simulation.
Lightweight, cross-platform agents with reflective DLL loading, direct syscall invocation, and encrypted configuration stores. Supports Windows, Linux, and macOS targets.
Central command hub with REST API, database management, agent callbacks, and web-based operator UI. Deployable on-premises or in private cloud infrastructure.
Responsive web UI and powerful CLI client for campaign management, real-time agent interaction, network visualization, and task automation through scripts.
Detailed breakdown of techniques employed to avoid detection and analysis.
| Evasion Technique | Windows x64 | Windows x86/WoW64 | Linux | Description |
|---|---|---|---|---|
| Indirect Syscalls (Hell's Gate) | ✅ Native | ✅ Emulated | N/A | Direct kernel syscall invocation bypassing user-mode hooks. |
| Thread Stack & Heap Encryption | ✅ Full | ✅ Full | ✅ Experimental | Runtime encryption of execution context to hinder memory scanning. |
| Custom Sleep Obfuscation (FOLIAGE) | ✅ Implemented | ❌ Not Supported | ❌ Not Supported | Obfuscates beacon sleep patterns using multiple algorithm layers. |
| EDR Hook Detection & Unhooking | ✅ Automated | ❌ Not Supported | N/A | Identifies and removes userland hooks placed by major EDR products. |
| Network Traffic Blending | ✅ Adaptive | ✅ Adaptive | ✅ Adaptive | Morphs C2 traffic to match surrounding network protocols and patterns. |
Gain access to the complete framework, source code (where applicable), documentation, and private community support.
All license sales require professional verification and acceptance of our Acceptable Use Policy.
Request a technical briefing, discuss team licensing, or inquire about a proof-of-concept deployment in your lab environment.
Tell us about your team and use case. We'll schedule a confidential demo and provide licensing details.