SecTheBit / ZoomBotC2Links
ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants and the operator. It uses legitimate Zoom messaging APIs to send commands and receive results, effectively blending in with regular Zoom traffic.
☆57Updated 7 months ago
Alternatives and similar repositories for ZoomBotC2
Users that are interested in ZoomBotC2 are comparing it to the libraries listed below
Sorting:
- ☆55Updated 8 months ago
- Remote service-staging tool built on Impacket, designed for BOF-style lateral movement workflows that lets you upload custom service load…☆119Updated last month
- Utilizng an MCP Server to communicate with your C2☆86Updated 8 months ago
- Modern PIC implant for Windows (64 & 32 bit)☆105Updated 6 months ago
- ☆53Updated 4 months ago
- ☆109Updated 11 months ago
- A python script that automates a C2 Profile build☆48Updated last month
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆89Updated 11 months ago
- ☆57Updated 11 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆53Updated 4 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54Updated 8 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆99Updated 6 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Updated 9 months ago
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆135Updated 7 months ago
- Windows Thread Pool Injection Havoc Implementation☆32Updated last year
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆88Updated last month
- Automatically scan the file system to identify Electron applications vulnerable to ASAR tampering.☆148Updated 2 months ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆74Updated 5 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆124Updated last year
- Threadless shellcode injection tool☆68Updated last year
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆85Updated 3 months ago
- Just another EDR killer☆85Updated 2 weeks ago
- A portable C# utility for enumerating local and remote windows sessions☆55Updated last month
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆51Updated 8 months ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆131Updated 5 months ago
- A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA …☆163Updated 3 months ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆64Updated last year
- Impersonate Tokens using only NTAPI functions☆83Updated 10 months ago