A collection of tools and detections for the Sliver C2 Framework
☆132 · Apr 24, 2023 · Updated 2 years ago
Alternatives and similar repositories for SliverC2-Forensics
Users that are interested in SliverC2-Forensics are comparing it to the libraries listed below
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆282 · Aug 5, 2023 · Updated 2 years ago
- Cyber Security Club, Offensive Operations Section (Red Team) learning pathway. ☆29 · Jun 6, 2023 · Updated 2 years ago
- Simple BOF to read the protection level of a process ☆118 · May 10, 2023 · Updated 2 years ago
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By… ☆157 · Nov 23, 2025 · Updated 3 months ago
- ☆46 · Oct 27, 2023 · Updated 2 years ago
- Kill AV/EDR leveraging BYOVD attack ☆391 · Jul 11, 2023 · Updated 2 years ago
- Linux Sleep Obfuscation ☆112 · Jan 7, 2024 · Updated 2 years ago
- A C# Tool to gather information about email breaches ☆16 · Dec 21, 2023 · Updated 2 years ago
- Small tool to play with IOCs caused by Imageload events ☆44 · May 14, 2023 · Updated 2 years ago
- A set of tools and resources for analysis of Havoc C2 ☆26 · Feb 27, 2024 · Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall, API Hashing, Fileless Shellcode retrieving using Winsock2 ☆293 · Jul 15, 2023 · Updated 2 years ago
- RunPE implementation with multiple evasive techniques (1) ☆382 · Sep 22, 2023 · Updated 2 years ago
- Offensive Security MISC Annotations and Payloads for Ethical Hackers / Security Researchers ☆30 · Dec 12, 2024 · Updated last year
- Materials for the workshop "Red Team Ops: Havoc 101" ☆394 · Oct 6, 2024 · Updated last year
- Swift code to programmatically execute local or hosted JXA payloads from Terminal without using the on-disk osascript binary. ☆23 · Apr 22, 2021 · Updated 4 years ago
- ☆18 · Mar 26, 2024 · Updated last year
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre) ☆261 · Jun 29, 2024 · Updated last year
- An interactive shell to spoof some LOLBins command line ☆188 · Jan 27, 2024 · Updated 2 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 · Oct 31, 2023 · Updated 2 years ago
- An aggressor script that can help automate payload building in Cobalt Strike ☆118 · Jan 22, 2024 · Updated 2 years ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c… ☆166 · Oct 9, 2024 · Updated last year
- COFF file (BOF) for managing Kerberos tickets. ☆320 · Jul 2, 2023 · Updated 2 years ago
- A simple useless rootkit for the linux kernel. It is a kernel module which hooks up the open() syscall (or potentially any syscall) to re… ☆12 · Mar 13, 2016 · Updated 9 years ago
- ☆11 · Dec 8, 2023 · Updated 2 years ago
- ☆36 · Feb 12, 2026 · Updated 3 weeks ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht… ☆675 · Dec 23, 2022 · Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation ☆38 · Dec 7, 2025 · Updated 2 months ago
- A command line tool to interact with Microsoft Graph API ☆22 · May 27, 2024 · Updated last year
- Aims to identify sleeping beacons ☆662 · Jan 25, 2026 · Updated last month
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking ☆285 · Jun 8, 2023 · Updated 2 years ago
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time. ☆45 · Mar 8, 2024 · Updated last year
- ☆168 · Feb 29, 2024 · Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker ☆25 · Mar 12, 2025 · Updated 11 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆54 · May 12, 2025 · Updated 9 months ago
- ☆60 · Jan 9, 2023 · Updated 3 years ago
- ☆11 · Nov 12, 2023 · Updated 2 years ago
- ☆14 · Sep 26, 2023 · Updated 2 years ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis. ☆15 · Feb 29, 2024 · Updated 2 years ago
- Python Library for ConfigExtractor ☆15 · Feb 24, 2026 · Updated last week