Parses logs created by Cobalt Strike, Brute Ratel, OC2 and creates an SQLite DB which can be used to create custom reports.
☆25Mar 18, 2026Updated this week
Alternatives and similar repositories for C2-logparser
Users that are interested in C2-logparser are comparing it to the libraries listed below
Sorting:
- ☆13Jul 30, 2021Updated 4 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆23Sep 15, 2023Updated 2 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 5 months ago
- desktop screenshot☆29Apr 26, 2023Updated 2 years ago
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆19Oct 15, 2020Updated 5 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Nov 19, 2020Updated 5 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Mar 9, 2022Updated 4 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Library of BOFs to interact with SQL servers☆227Dec 3, 2025Updated 3 months ago
- Tool for issuing manual LDAP queries which offers bofhound compatible output☆57Jun 2, 2024Updated last year
- Repository for Ludus french templates☆23Mar 1, 2026Updated 3 weeks ago
- ☆49Apr 9, 2025Updated 11 months ago
- Beacon Object File implementation of pwn1sher's KillDefender☆67Jun 28, 2022Updated 3 years ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- Ansible Role for Ludus to provision or remove a device to/from a Tailnet.☆14Dec 5, 2025Updated 3 months ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆122Sep 14, 2021Updated 4 years ago
- ☆17Jan 9, 2025Updated last year
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- A modern, web-based GUI for Hashcat that provides an intuitive interface for hash cracking operations, featuring real-time monitoring, pe…☆34Mar 5, 2025Updated last year
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel☆390Feb 23, 2024Updated 2 years ago
- Subtract one PE file from another!☆20Oct 1, 2021Updated 4 years ago
- SharpReg is a simple code set to interact with the Remote Registry service api and is compatible with Cobalt Strike.☆28Apr 12, 2020Updated 5 years ago
- Phantom is project created to perform loading and executing .NET assemblies directly in memory within an IIS environment running in full‑…☆68Mar 10, 2026Updated last week
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- SharpSvc is a simple code set to interact with the SC Manager API and is compatible with Cobalt Strike.☆26Aug 8, 2023Updated 2 years ago
- A python script to force authentication using MS-RPRN RemoteFindFirstPrinterChangeNotificationEx function (opnum 65).☆31Feb 11, 2025Updated last year
- ☆61Aug 30, 2021Updated 4 years ago
- Your Skyfall Infrastructure Pack☆91Jan 25, 2026Updated last month
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆574Jan 20, 2026Updated 2 months ago
- A collection of Cobalt Strike Malleable C2 profiles☆36Oct 13, 2020Updated 5 years ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Creating them Golden Tickets☆14Aug 16, 2025Updated 7 months ago
- Malicious DLL Generator in Py3☆27Jul 8, 2020Updated 5 years ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆178Nov 26, 2021Updated 4 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆183Mar 13, 2023Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆91Sep 9, 2022Updated 3 years ago