AWS X-Ray for Covert Command & Control
☆45Oct 13, 2025Updated 5 months ago
Alternatives and similar repositories for XRayC2
Users that are interested in XRayC2 are comparing it to the libraries listed below
Sorting:
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Custom dyld version inherited from original Apple dyld implementation☆23Apr 27, 2024Updated last year
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- ☆39Nov 25, 2025Updated 3 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.☆19Nov 11, 2025Updated 4 months ago
- AV/EDR killer using BYOVD technique☆44Sep 27, 2024Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆85Aug 13, 2024Updated last year
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 3 months ago
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- A self-hosted Armory implementation.☆22Jan 1, 2026Updated 2 months ago
- A BOF that's a BOF Loader and more☆200Jan 17, 2026Updated 2 months ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- A Crystal Palace shared library to resolve & perform syscalls☆58Oct 29, 2025Updated 4 months ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆116Oct 30, 2025Updated 4 months ago
- Basic network sec tool for real-time threat detection and C2 communication prevention. Features 70+ detection modules, IOC integration, c…☆17Jun 11, 2024Updated last year
- python3 scripts to help with aws triage needs☆15Feb 11, 2022Updated 4 years ago
- Extract the Procedures (TTP) from CTI reports☆17Dec 13, 2025Updated 3 months ago
- PowerView menu for Cobalt Strike☆70Mar 22, 2018Updated 7 years ago
- Tool for reconnaissance of AWS cloud environments☆16Oct 9, 2023Updated 2 years ago
- A powerful macOS triage collection tool designed for forensic analysis. It gathers critical system artifacts such as FSEvents, Spotlight,…☆40Oct 24, 2025Updated 4 months ago
- A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…☆35Jan 7, 2026Updated 2 months ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆95Jul 7, 2025Updated 8 months ago
- C++ Assembler with Built-in Mutation Engine☆30Sep 6, 2025Updated 6 months ago
- A C++17 header-only library that provides compile-time string encryption and decryption using SIMD instructions and junk code injection.☆26Mar 2, 2026Updated 2 weeks ago
- AI-based Ludus range configuration builder☆29May 6, 2025Updated 10 months ago
- Backend development stack for agents☆29Jul 30, 2025Updated 7 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆190Jan 11, 2026Updated 2 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆187Nov 23, 2025Updated 3 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆65Jan 5, 2026Updated 2 months ago
- "Two-Face" Rust binary on Linux☆51Nov 10, 2025Updated 4 months ago
- Power Automate C2 (PAC2) : Stealth living-off-the-cloud C2 framework.☆36Apr 16, 2024Updated last year
- CVE-2020-16899 - Microsoft Windows TCP/IP Vulnerability Detection Logic and Rule☆20Oct 19, 2020Updated 5 years ago
- Sh3ller is a lightweight C2 framework in its simplest form.☆31Sep 5, 2025Updated 6 months ago
- C# DInvoke Shellcode Runner☆31Feb 10, 2025Updated last year
- A C# project that builds a Web Application which redirects all HTTPS☆26Feb 11, 2025Updated last year
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆69Mar 8, 2026Updated last week
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated 2 months ago