ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants and the operator. It uses legitimate Zoom messaging APIs to send commands and receive results, effectively blending in with regular Zoom traffic.
☆56 · Jun 30, 2025 · Updated 8 months ago
Alternatives and similar repositories for ZoomBotC2
Users that are interested in ZoomBotC2 are comparing it to the libraries listed below
- A hacky way of getting cross-arch/platform support in Cobalt Strike ☆37 · Aug 31, 2025 · Updated 6 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML ☆40 · Dec 7, 2025 · Updated 3 months ago
- Weaponizing DCOM for NTLM Authentication Coercions ☆199 · Nov 4, 2025 · Updated 4 months ago
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use. ☆21 · Mar 2, 2026 · Updated 2 weeks ago
- SAPLAR - LFI & Path Traversal Scanner ☆15 · Mar 11, 2025 · Updated last year
- Sleep obfuscation in golang based on ekko ☆13 · Jan 16, 2024 · Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader. ☆283 · Apr 6, 2025 · Updated 11 months ago
- early cascade injection PoC based on Outflank's blog post, in Rust ☆62 · Nov 8, 2024 · Updated last year
- This is a custom SSM agent which is sorta functional ☆17 · Jul 5, 2021 · Updated 4 years ago
- Mythic C2 wrapper for NimSyscallPacker ☆25 · Mar 12, 2025 · Updated last year
- bring your own clean ntdll (or other MS dlls) ☆29 · Jul 14, 2025 · Updated 8 months ago
- ☆56 · Mar 13, 2026 · Updated last week
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA … ☆164 · Nov 2, 2025 · Updated 4 months ago
- converts sRDI compatible dlls to shellcode ☆35 · Jan 20, 2025 · Updated last year
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, … ☆26 · Jun 11, 2025 · Updated 9 months ago
- burpsuite extension to analyze javascript files using semgrep ☆12 · Feb 3, 2025 · Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing. ☆57 · Apr 14, 2025 · Updated 11 months ago
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library ☆33 · Sep 23, 2022 · Updated 3 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll ☆150 · Apr 18, 2025 · Updated 11 months ago
- A technique for Active Directory domain persistence ☆39 · May 31, 2023 · Updated 2 years ago
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking ☆139 · Jul 2, 2025 · Updated 8 months ago
- ForsHops ☆59 · Mar 25, 2025 · Updated 11 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024 ☆284 · Jun 15, 2024 · Updated last year
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames ☆154 · Nov 23, 2025 · Updated 3 months ago
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication. ☆314 · Feb 16, 2026 · Updated last month
- A COFF Loader written in Rust ☆140 · Dec 1, 2025 · Updated 3 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80 ☆21 · Apr 2, 2025 · Updated 11 months ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela… ☆45 · Jul 9, 2025 · Updated 8 months ago
- Weaponizing DCOM for NTLM Authentication Coercions ☆274 · Jul 1, 2025 · Updated 8 months ago
- That's it! An Open-Source Windows UEFI Rootkit ☆29 · Jul 19, 2025 · Updated 8 months ago
- ☆15 · Apr 29, 2023 · Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt ☆23 · Nov 23, 2022 · Updated 3 years ago
- ☆18 · Nov 24, 2020 · Updated 5 years ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH. ☆164 · Oct 31, 2024 · Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp… ☆343 · Oct 7, 2024 · Updated last year
- Indirect syscalls + DInvoke made simple. ☆95 · Dec 24, 2024 · Updated last year
- ASPX Web Shell with COFF Loader ☆112 · Mar 10, 2026 · Updated last week
- Field guide to gather low-hanging fruits ☆14 · Mar 20, 2025 · Updated last year
- Sleep obfuscation ☆270 · Dec 13, 2024 · Updated last year