AWS X-Ray for Covert Command & Control
☆45Oct 13, 2025Updated 4 months ago
Alternatives and similar repositories for XRayC2
Users that are interested in XRayC2 are comparing it to the libraries listed below
Sorting:
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- Tool for reconnaissance of AWS cloud environments☆16Oct 9, 2023Updated 2 years ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- Extract the Procedures (TTP) from CTI reports☆17Dec 13, 2025Updated 2 months ago
- python3 scripts to help with aws triage needs☆15Feb 11, 2022Updated 4 years ago
- Sh3ller is a lightweight C2 framework in its simplest form.☆31Sep 5, 2025Updated 5 months ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- PowerView menu for Cobalt Strike☆70Mar 22, 2018Updated 7 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Backend development stack for agents☆29Jul 30, 2025Updated 6 months ago
- Stealing MFA/2FA tokens and using them to logon with VPN clients☆17Jun 4, 2018Updated 7 years ago
- AI-based Ludus range configuration builder☆29May 6, 2025Updated 9 months ago
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆37Jul 23, 2025Updated 7 months ago
- A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…☆35Jan 7, 2026Updated last month
- A BOF that's a BOF Loader and more☆198Jan 17, 2026Updated last month
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆93Jul 7, 2025Updated 7 months ago
- ☆39Nov 25, 2025Updated 3 months ago
- Generate Proxy DLLs in Rust☆47Sep 2, 2025Updated 5 months ago
- ☆109Oct 29, 2024Updated last year
- A C# project that builds a Web Application which redirects all HTTPS☆26Feb 11, 2025Updated last year
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆115Oct 30, 2025Updated 3 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆56Oct 29, 2025Updated 3 months ago
- ☆105Feb 7, 2026Updated 2 weeks ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i…☆29May 5, 2018Updated 7 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆31Dec 31, 2021Updated 4 years ago
- A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…☆93Jan 21, 2026Updated last month
- AV/EDR killer using BYOVD technique☆43Sep 27, 2024Updated last year
- ☆28Dec 28, 2017Updated 8 years ago
- Clipboard for Command and Control between VDI, RDP and Others on Windows☆50Dec 7, 2025Updated 2 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆186Jan 11, 2026Updated last month
- ☆66Dec 24, 2021Updated 4 years ago
- time-based user enum via Basic Auth in Azure against Autodiscover☆33Oct 3, 2024Updated last year
- C# DInvoke Shellcode Runner☆31Feb 10, 2025Updated last year
- A collection of PoCs to do common things in unconventional ways☆121Aug 31, 2025Updated 5 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆34Jun 23, 2024Updated last year
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- A simple Sleepmask BOF example☆167Nov 24, 2025Updated 3 months ago