Alternatives and similar repositories for Malleable-C2-Profiles

Users that are interested in Malleable-C2-Profiles are comparing it to the libraries listed below

• CCob / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆727Updated 9 months ago
• Cobalt-Strike / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆215Updated 2 months ago
• anthemtotheego / InlineExecute-Assembly
  InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…
  ☆671Updated last year
• rvrsh3ll / BOF_Collection
  Various Cobalt Strike BOFs
  ☆650Updated 2 years ago
• wsummerhill / C2_RedTeam_CheatSheets
  Useful C2 techniques and cheatsheets learned from engagements
  ☆510Updated last month
• mgeeky / cobalt-arsenal
  My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
  ☆1,085Updated 2 years ago
• 0xthirteen / MoveKit
  Cobalt Strike kit for Lateral Movement
  ☆668Updated 5 years ago
• Tylous / SourcePoint
  SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
  ☆1,133Updated last month
• Inf0secRabbit / BadAssMacros
  BadAssMacros - C# based automated Malicous Macro Generator.
  ☆422Updated 3 years ago
• boku7 / spawn
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆460Updated 2 years ago
• N7WEra / BofAllTheThings
  Creating a repository with all public Beacon Object Files (BoFs)
  ☆502Updated last year
• pwn1sher / WMEye
  WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
  ☆367Updated 3 years ago
• REDMED-X / OperatorsKit
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆607Updated 2 weeks ago
• kyleavery / AceLdr
  Cobalt Strike UDRL for memory scanner evasion.
  ☆939Updated last year
• FuzzySecurity / StandIn
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆772Updated last year
• rasta-mouse / SharpC2
  Command and Control Framework written in C#
  ☆408Updated last year
• improsec / SharpEventPersist
  Persistence by writing/reading shellcode from Event Log
  ☆373Updated 3 years ago
• WKL-Sec / Malleable-CS-Profiles
  A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
  ☆440Updated 2 weeks ago
• cube0x0 / SharpSystemTriggers
  Collection of remote authentication triggers in C#
  ☆488Updated last year
• boku7 / azureOutlookC2
  Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for…
  ☆488Updated 2 years ago
• trustedsec / CS-Remote-OPs-BOF
  ☆984Updated 3 months ago
• mdsecactivebreach / Farmer
  ☆388Updated 4 years ago
• outflanknl / C2-Tool-Collection
  A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…
  ☆1,234Updated last year
• threatexpress / random_c2_profile
  Cobalt Strike random C2 Profile generator
  ☆660Updated 2 years ago
• S3cur3Th1sSh1t / SharpImpersonation
  A User Impersonation tool - via Token or Shellcode injection
  ☆415Updated 3 years ago
• S3cur3Th1sSh1t / MultiPotato
  ☆521Updated 3 years ago
• rasta-mouse / AmsiScanBufferBypass
  Bypass AMSI by patching AmsiScanBuffer
  ☆265Updated 4 years ago
• Flangvik / AMSI.fail
  C# Azure Function with an HTTP trigger that generates obfuscated PowerShell snippets that break or disable AMSI for the current process.
  ☆410Updated 9 months ago
• GeorgePatsias / ScareCrow-CobaltStrike
  Cobalt Strike script for ScareCrow payloads intergration (EDR/AV evasion)
  ☆465Updated 2 years ago
• Wh04m1001 / DFSCoerce
  ☆781Updated 2 years ago