CodeXTF2/CustomC2ChannelTemplate external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

CodeXTF2/CustomC2ChannelTemplate

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CodeXTF2/CustomC2ChannelTemplate)

Close

CodeXTF2 / CustomC2ChannelTemplateView on GitHubMore

• External links
• Readme badge

template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.

☆101Jan 10, 2026Updated 2 months ago

Alternatives and similar repositories for CustomC2ChannelTemplate

Users that are interested in CustomC2ChannelTemplate are comparing it to the libraries listed below

• pard0p / Remote-BOF-Runner

  View on GitHub
  Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …
  ☆91Jan 2, 2026Updated 2 months ago
• Cobalt-Strike / icmp-udc2

  View on GitHub
  UDC2 implementation that provides an ICMP C2 channel
  ☆116Nov 24, 2025Updated 3 months ago
• 0xTriboulet / InlineExecuteEx

  View on GitHub
  A BOF that's a BOF Loader and more
  ☆200Jan 17, 2026Updated 2 months ago
• Xenov-X / csbot

  View on GitHub
  Golang Automation Framework for Cobalt Strike using the Rest API
  ☆56Dec 4, 2025Updated 3 months ago
• kypvas / LDIFToBloodHound

  View on GitHub
  A Windows tool that converts LDIF files to BloodHound CE
  ☆31Dec 20, 2025Updated 3 months ago
• T1erno / bin2shellcode

  View on GitHub
  C++ tool and library for converting .bin files to shellcode in multiple output formats.
  ☆34Aug 18, 2025Updated 7 months ago
• NtDallas / Huginn

  View on GitHub
  ☆77Feb 12, 2026Updated last month
• logangoins / BadTakeover-BOF

  View on GitHub
  Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover
  ☆86Oct 20, 2025Updated 4 months ago
• garrettfoster13 / mssqlkaren

  View on GitHub
  modified mssqlclient from impacket to extract policies from the SCCM database
  ☆46Feb 24, 2026Updated 3 weeks ago
• zyn3rgy / RelayInformer

  View on GitHub
  Python and BOF utilites to the determine EPA enforcement levels of popular NTLM relay targets from the offensive perspective
  ☆167Jan 12, 2026Updated 2 months ago
• EspressoCake / BOF_NativeAPI_Definitions-VSCode

  View on GitHub
  A VSCode plugin to assist with BOF development.
  ☆37Aug 14, 2024Updated last year
• VirtualAlllocEx / CS-EDR-Enumeration

  View on GitHub
  Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…
  ☆41Feb 6, 2026Updated last month
• zarkones / BloodfangC2

  View on GitHub
  Modern PIC implant for Windows (64 & 32 bit)
  ☆106Jul 23, 2025Updated 7 months ago
• zero2504 / COMouflage

  View on GitHub
  COM-based DLL Surrogate Injection
  ☆142Dec 9, 2025Updated 3 months ago
• MHaggis / NEBULA

  View on GitHub
  Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques
  ☆97Dec 28, 2025Updated 2 months ago
• chryzsh / awesome-bof

  View on GitHub
  🧠 The ultimate resource for finding Beacon Object Files (BOFs).
  ☆108Mar 9, 2026Updated last week
• kozmer / aad-bofs

  View on GitHub
  ☆139Nov 17, 2025Updated 4 months ago
• WKL-Sec / slack-udc2

  View on GitHub
  Cobalt Strike UDC2 implementation that provides an Slack C2 channel
  ☆65Jan 5, 2026Updated 2 months ago
• NtDallas / OdinLdr

  View on GitHub
  Cobaltstrike Reflective Loader with Synthetic Stackframe
  ☆189Jan 17, 2026Updated 2 months ago
• EvanMcBroom / sleepy

  View on GitHub
  A lexer and parser for Sleep
  ☆20Feb 20, 2026Updated 3 weeks ago
• NTT-Security-Japan / pac2

  View on GitHub
  Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.
  ☆36Apr 16, 2024Updated last year
• VoldeSec / BOF-NPPSPY

  View on GitHub
  Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…
  ☆19Apr 24, 2023Updated 2 years ago
• Paradoxis / ADSyncDump-BOF

  View on GitHub
  The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…
  ☆174Sep 3, 2025Updated 6 months ago
• CodeXTF2 / WebcamBOF

  View on GitHub
  Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options
  ☆158Mar 26, 2025Updated 11 months ago
• BishopFox / sliver-wasm-stager

  View on GitHub
  A stager and implant that executes remote Web Assembly
  ☆37Feb 4, 2026Updated last month
• zero2504 / Fairy-Law

  View on GitHub
  Fairy Law - Compromise or disable EDR security solutions
  ☆68Dec 1, 2025Updated 3 months ago
• SAERXCIT / LibTP_Gadget

  View on GitHub
  Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.
  ☆19Nov 11, 2025Updated 4 months ago
• zero2504 / EDR-GhostLocker

  View on GitHub
  AppLocker-Based EDR Neutralization
  ☆325Dec 19, 2025Updated 3 months ago
• dmcxblue / PyObscura

  View on GitHub
  A python script that automates a C2 Profile build
  ☆48Dec 14, 2025Updated 3 months ago
• M1ndo / WerDump

  View on GitHub
  A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass
  ☆168Sep 22, 2025Updated 5 months ago
• warpedatom / OffsetInspect

  View on GitHub
  PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.
  ☆32Dec 31, 2025Updated 2 months ago
• thiagopeixoto / mystique-self-injection

  View on GitHub
  An improvement and a different approach to Mockingjay Self-Injection.
  ☆35May 21, 2024Updated last year
• Fudgedotdotdot / nimpersonate

  View on GitHub
  Impersonate Windows tokens in Nim
  ☆23Aug 4, 2025Updated 7 months ago
• jhalon / cSessionHop

  View on GitHub
  Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM
  ☆64Dec 25, 2025Updated 2 months ago
• incursi0n / ClipboardStealBOF

  View on GitHub
  An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…
  ☆103Jan 9, 2026Updated 2 months ago
• rasta-mouse / SCMUACBypass

  View on GitHub
  ☆104Sep 5, 2023Updated 2 years ago
• airbus-cert / kerlab

  View on GitHub
  kerberos in rust for fun and profit
  ☆51Updated this week
• mubix / Find-WSUS

  View on GitHub
  Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
  ☆46Oct 28, 2025Updated 4 months ago
• praetorian-inc / swarmer

  View on GitHub
  A tool to convert windows registry export files into windows hive files that can be used to replace NTUSER.MAN
  ☆107Jan 26, 2026Updated last month