ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants and the operator. It uses legitimate Zoom messaging APIs to send commands and receive results, effectively blending in with regular Zoom traffic.
☆56Jun 30, 2025Updated 11 months ago
Alternatives and similar repositories for ZoomBotC2
Users that are interested in ZoomBotC2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆38Aug 31, 2025Updated 9 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆44Dec 7, 2025Updated 6 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆211Nov 4, 2025Updated 7 months ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆83Mar 15, 2026Updated 2 months ago
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.☆21Apr 30, 2026Updated last month
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆287Apr 6, 2025Updated last year
- This is a custom SSM agent which is sorta functional☆17Jul 5, 2021Updated 4 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆63Nov 8, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆26Mar 12, 2025Updated last year
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 10 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆168Nov 2, 2025Updated 7 months ago
- converts sRDI compatible dlls to shellcode☆39Jan 20, 2025Updated last year
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆26Jun 11, 2025Updated 11 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- burpsuite extension to analyze javascript files using semgrep☆13Feb 3, 2025Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆154Apr 18, 2025Updated last year
- A technique for Active Directory domain persistence☆39May 31, 2023Updated 3 years ago
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆149Jul 2, 2025Updated 11 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆154Nov 23, 2025Updated 6 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆283Jun 15, 2024Updated last year
- IoM defualt mal package☆10Feb 22, 2026Updated 3 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A COFF Loader written in Rust☆141Dec 1, 2025Updated 6 months ago
- ForsHops☆60Mar 25, 2025Updated last year
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆45Jul 9, 2025Updated 11 months ago
- SOCKS5 proxy tool that uses Azure Storage services as a means of communication.☆353Mar 21, 2026Updated 2 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 11 months ago
- ☆15Apr 29, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆24Nov 23, 2022Updated 3 years ago
- ☆18Nov 24, 2020Updated 5 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆165Oct 31, 2024Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆354Oct 7, 2024Updated last year
- Indirect syscalls + DInvoke made simple.☆97Dec 24, 2024Updated last year
- ASPX Web Shell with COFF Loader☆130Mar 10, 2026Updated 2 months ago
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 11 months ago
- Field guide to gather low-hanging fruits☆15Mar 20, 2025Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year