Down with the QUICkness: QUIC, C2, and the Detection Gap Nobody’s Talking About

QUICLash is a Go-based command and control framework built around one question: how much does transport choice matter in a post-TCP-inspection world? By running gRPC-style control messages over QUIC, Google's UDP-based transport protocol now standardized by the IETF, the framework sidesteps the majority of enterprise network inspection tooling that has spent years tuning against TCP streams. Agents maintain long-lived QUIC connections back to the server, support hot-swappable modules pushed without dropping sessions, and embed their CA certificate at compile time, leaving no certificate material on disk. The result is a research platform that exposes a genuine and largely unaddressed visibility gap in enterprise detection stacks, not as a prediction of imminent threat, but as a pressure test for detection engineering teams who haven't yet asked what their stack does with long-lived UDP.

The Bar Is Lower Than You Think: Why Voice Can No Longer Be Trusted

Familiar voices used to imply trust. In the age of AI-driven voice impersonation, that assumption no longer holds. This article explores how easily voice-based trust can be undermined and why “good enough” is all attackers need.
