Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
-
Updated
Sep 13, 2021 - Go
#
c2
Here are 111 public repositories matching this topic...
Covenant is a collaborative .NET C2 framework for red teamers.
-
Updated
Aug 25, 2021 - C#
Empire is a PowerShell and Python 3.x post-exploitation framework.
-
Updated
Oct 4, 2021 - PowerShell
Adversary Emulation Framework
dns
golang
http
gplv3
dns-server
sliver
red-team
security-tools
c2
red-team-engagement
command-and-control
implant
adversarial-attacks
red-teaming
adversary-simulation
-
Updated
Oct 5, 2021 - Go
Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++.
go
windows
macos
linux
golang
security
qt
cross-platform
grpc
trojan
rat
macosx
post-exploitation
beacon
cobalt-strike
red-team
c2
redteam
cobaltstrike
-
Updated
Sep 11, 2021 - C++
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
-
Updated
Sep 16, 2021 - PowerShell
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
rat
malware-analysis
c2
command-and-control
remote-access-tool
remote-administration-tool
command-control
rat-analysis
rat-malware
-
Updated
Feb 17, 2020
Applied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
rust
security
virus
scanner
phishing
wasm
hacking
audit
trojan
bug-bounty
infosec
pentesting
beacon
pentest
offensive-security
red-team
security-tools
c2
bug-hunting
shellcodes
-
Updated
Oct 7, 2021 - Rust
Starkiller is a Frontend for PowerShell Empire.
-
Updated
Sep 28, 2021 - Vue
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
agent
kubernetes
golang
security
containers
http2
post-exploitation
security-tools
c2
penetration-testing-framework
command-and-control
red-teams
penetration-testing-tools
redteam-tools
-
Updated
Jun 20, 2021 - Go
DeimosC2 is a Golang command and control framework for post-exploitation.
-
Updated
Aug 25, 2021 - Vue
Open source pre-operation C2 server based on python and powershell
-
Updated
Jul 6, 2021 - Python
-
Updated
Aug 30, 2021 - Go
Some notes and examples for cobalt strike's functionality
-
Updated
Apr 21, 2021
A Golang implant that uses Slack as a command and control server
python
golang
penetration-testing
pentest
red-team
remote-admin-tool
c2
command-and-control
penetration-testing-tools
-
Updated
Apr 7, 2021 - Python
[Draft]Awesome Cyber Security Resource Collection. Currently contains 8000+ open source repositories, and not very well classified. For each repository, extra info included: star count, commit count, last update time. This is the DRAFT version.
osint
anti-virus
password
owasp
vulnerability
recon
post-exploitation
burp
pentest
payload
privilege-escalation
iot-security
kali
cobalt-strike
social-engineering-attacks
metasploit
data-exfiltration
c2
wifi-hacking
threat-hunt
-
Updated
Dec 23, 2019
FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
security
powershell
python3
cybersecurity
post-exploitation
offensive-security
security-tools
c2
command-and-control
redteam
implant
purpleteam
readteaming
-
Updated
Mar 25, 2021 - Python
link is a command and control framework written in rust
-
Updated
Aug 18, 2021 - Rust
Cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
-
Updated
Sep 3, 2021 - Python
CredPhish is a PowerShell script designed to invoke legitimate credential prompts and exfiltrate passwords over DNS.
shell
dns
backdoor
reverse-shell
penetration-testing
dns-server
information-security
kali-linux
offensive-security
exfiltration
kali
bypass-antivirus
antivirus-evasion
c2
social-engineering
kali-scripts
amsi
-
Updated
Jul 27, 2021 - PowerShell
Responsive Command and Control System
-
Updated
Sep 27, 2021 - HTML
Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)
-
Updated
Aug 12, 2020 - JavaScript
PickleC2 is a post-exploitation and lateral movements framework
-
Updated
Jul 26, 2021 - PowerShell
Cyberdelia, a Collection of Command and Control frameworks
-
Updated
Oct 16, 2019 - Shell
AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
python
encoding
obfuscation
encryption
hacking
penetration-testing
rat
pentesting
reverseshell
oscp
c2
command-and-control
oscp-tools
-
Updated
Sep 9, 2021 - Python
Check Domain Fronting (chkdfront) - It checks if your domain fronting is working
-
Updated
Jun 26, 2021 - Ruby
Improve this page
Add a description, image, and links to the c2 topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the c2 topic, visit your repo's landing page and select "manage topics."
Current implementation of
proclistplugin useswin32_ps_list_procs()php function on Windows host.Therefore, linux implementation is a simple
system("ps -a"), which is OPSEC unsafe, an would probably trigger EDR alerts.A better implementation should avoid relying on system command execution.