Open Source Implementation of Cobalt Strike's Malleable C2
☆98Jan 27, 2026Updated 2 months ago
Alternatives and similar repositories for OpenMalleableC2
Users that are interested in OpenMalleableC2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 8 months ago
- ☆38Oct 16, 2025Updated 5 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions.☆24Mar 19, 2026Updated 3 weeks ago
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆47Jan 28, 2026Updated 2 months ago
- Python tool to automatically perform SPN-less RBCD attacks.☆128Jan 7, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Red Team tools containerized☆76Mar 25, 2026Updated 2 weeks ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- Let's make quick work of GraphQL instances ;)☆25Mar 8, 2026Updated last month
- C# API for Nidhogg rootkit☆21Apr 25, 2024Updated last year
- Invoke-AtomicAssessment is a powerful tool designed to facilitate adversary emulation by leveraging Atomic Red Team.☆47Jan 22, 2025Updated last year
- This is the latest version of XenoRAT, updated with configurations and capable of bypassing all system securities. It will be maintained …☆23Apr 16, 2025Updated 11 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆73Jan 19, 2026Updated 2 months ago
- ACL Viewer for Windows☆133May 4, 2025Updated 11 months ago
- ☆83Feb 12, 2026Updated last month
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆70Feb 5, 2026Updated 2 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆100Jan 10, 2026Updated 2 months ago
- Project for generating and identifying deceptive LNK files.☆313Mar 8, 2026Updated last month
- The Azure Execution Tool☆153Feb 6, 2026Updated 2 months ago
- Automated Pass-the-Ticket (PtT) attack. Standalone alternative to Rubeus and Mimikatz for this attack. Implemented in C#, C++, Crystal, P…☆129Feb 17, 2026Updated last month
- stack based arithmetic only virtual machine (VM) executes bytecode instructions to perform various basic arithmetic operations and manage…☆26Mar 19, 2025Updated last year
- command control framework☆33Apr 3, 2026Updated last week
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆439Jun 27, 2025Updated 9 months ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆209Dec 8, 2025Updated 4 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Self-mutating macOS implant☆129Mar 16, 2026Updated 3 weeks ago
- PowerShell implementation for AD CS☆116Mar 2, 2026Updated last month
- A Proof-of-Concept implementation of Reflective DLL Injection (RDI) specifically for Windows on ARM64. Demonstrates PEB access via the x1…☆35May 30, 2025Updated 10 months ago
- Threat Hunting queries of multiple platforms☆63Feb 26, 2026Updated last month
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 9 months ago
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆166Oct 21, 2025Updated 5 months ago
- Tool for playing with Windows Access Token manipulation.☆82Nov 28, 2022Updated 3 years ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆119Oct 30, 2025Updated 5 months ago
- Red Team Assessment Platform - reporting, visualizations, and analytics for cybersecurity red teams☆35Updated this week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Golang Automation Framework for Cobalt Strike using the Rest API☆57Dec 4, 2025Updated 4 months ago
- Phantom Keylogger is an advanced, stealth-enabled keystroke and visual intelligence gathering system.☆77Dec 10, 2025Updated 3 months ago
- Linux Process Injection via Seccomp Notifier☆84Dec 9, 2025Updated 4 months ago
- ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants …☆56Jun 30, 2025Updated 9 months ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- ☆54Oct 13, 2025Updated 5 months ago
- A PowerShell console in C/C++ with all the security features disabled☆380Oct 14, 2025Updated 5 months ago