ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants and the operator. It uses legitimate Zoom messaging APIs to send commands and receive results, effectively blending in with regular Zoom traffic.
☆56Jun 30, 2025Updated 9 months ago
Alternatives and similar repositories for ZoomBotC2
Users that are interested in ZoomBotC2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 7 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆43Dec 7, 2025Updated 4 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆205Nov 4, 2025Updated 5 months ago
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.☆20Mar 2, 2026Updated last month
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆284Apr 6, 2025Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- This is a custom SSM agent which is sorta functional☆17Jul 5, 2021Updated 4 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 8 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆166Nov 2, 2025Updated 5 months ago
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆26Jun 11, 2025Updated 9 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- NTLM HTTP relay tool with SOCKS proxy for browser session hijacking☆108Updated this week
- burpsuite extension to analyze javascript files using semgrep☆12Feb 3, 2025Updated last year
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- A technique for Active Directory domain persistence☆39May 31, 2023Updated 2 years ago
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆139Jul 2, 2025Updated 9 months ago
- ForsHops☆59Mar 25, 2025Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆281Jun 15, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- IoM defualt mal package☆10Feb 22, 2026Updated last month
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆154Nov 23, 2025Updated 4 months ago
- A COFF Loader written in Rust☆140Dec 1, 2025Updated 4 months ago
- SOCKS5 proxy tool that uses Azure Storage services as a means of communication.☆341Mar 21, 2026Updated 2 weeks ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆46Jul 9, 2025Updated 9 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 9 months ago
- Thats it! An Open-Source Windows UEFI Rootkit☆29Jul 19, 2025Updated 8 months ago
- ☆15Apr 29, 2023Updated 2 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- ☆18Nov 24, 2020Updated 5 years ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆348Oct 7, 2024Updated last year
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- ASPX Web Shell with COFF Loader☆126Mar 10, 2026Updated last month
- Scripts for importing threat feeds and CTI articles, blogs, and reports into MISP.☆18Jun 16, 2025Updated 9 months ago