ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants and the operator. It uses legitimate Zoom messaging APIs to send commands and receive results, effectively blending in with regular Zoom traffic.
☆57Jun 30, 2025Updated 9 months ago
Alternatives and similar repositories for ZoomBotC2
Users that are interested in ZoomBotC2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆38Aug 31, 2025Updated 7 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆43Dec 7, 2025Updated 4 months ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆76Mar 15, 2026Updated last month
- Weaponizing DCOM for NTLM Authentication Coercions☆207Nov 4, 2025Updated 5 months ago
- Rust crate to obfuscate strings and byte arrays so they are not in memory when not in use.☆21Updated this week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated last year
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆285Apr 6, 2025Updated last year
- This is a custom SSM agent which is sorta functional☆17Jul 5, 2021Updated 4 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆63Nov 8, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 9 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆168Nov 2, 2025Updated 5 months ago
- converts sRDI compatible dlls to shellcode☆38Jan 20, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Modular Shellcode Loader in C++☆10Apr 14, 2026Updated 2 weeks ago
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆26Jun 11, 2025Updated 10 months ago
- burpsuite extension to analyze javascript files using semgrep☆12Feb 3, 2025Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆33Sep 23, 2022Updated 3 years ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆154Apr 18, 2025Updated last year
- A technique for Active Directory domain persistence☆39May 31, 2023Updated 2 years ago
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆146Jul 2, 2025Updated 9 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆281Jun 15, 2024Updated last year
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆156Nov 23, 2025Updated 5 months ago
- IoM defualt mal package☆10Feb 22, 2026Updated 2 months ago
- A COFF Loader written in Rust☆141Dec 1, 2025Updated 4 months ago
- ForsHops☆60Mar 25, 2025Updated last year
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆46Jul 9, 2025Updated 9 months ago
- SOCKS5 proxy tool that uses Azure Storage services as a means of communication.☆349Mar 21, 2026Updated last month
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 9 months ago
- NTLM HTTP relay tool with SOCKS proxy for browser session hijacking☆152Apr 6, 2026Updated 3 weeks ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Thats it! An Open-Source Windows UEFI Rootkit☆29Jul 19, 2025Updated 9 months ago
- ☆15Apr 29, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆24Nov 23, 2022Updated 3 years ago
- ☆18Nov 24, 2020Updated 5 years ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆347Oct 7, 2024Updated last year
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year