feat: upgrade beacon encryption to AES-256-GCM + OPSEC hardening

[En3nr4]

Summary

• Replace RC4 with AES-256-GCM authenticated encryption across beacon and all existing listeners (HTTP, TCP, SMB, DNS)
• Add per-payload DJB2 seed randomization: each generated payload gets a unique crypto-random seed with unique API hash constants
• Add module stomping reflective loader (stub_rdi.x64.asm, ~2150 bytes) with LoadLibraryExA DLL overwrite
• Add polymorphic XOR encoder with 16-byte key and PEB-walking decoder stub (x64/x86)
• Add Discord connector for beacon agent (ConnectorDiscord.cpp/h)
• Add keylogger module (Keylogger.cpp/h) using GetAsyncKeyState with foreground window tracking
• Add compile-time XOR string encryption header (Obfuscate.h)
• Key size upgrade: 16 bytes (128-bit RC4) → 32 bytes (256-bit AES)

Test plan

• Build: make server-ext compiles beacon + all 4 listeners cleanly
• Beacon: generate HTTP/TCP/SMB/DNS × shellcode/DLL/service × x64/x86
• Verify AES-256-GCM encrypted communication between beacon and listeners
• Verify existing gopher agent unaffected (non-regression)

Split from #324 as requested