Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x & Mythic HTTPX 0.0.4.
☆33Mar 28, 2026Updated 3 months ago
Alternatives and similar repositories for Malleable-C2-Profiles
Users that are interested in Malleable-C2-Profiles are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution☆161Updated this week
- Object file loader implemented as a post-ex DLL for asynchronous BOF execution.☆29Jun 15, 2026Updated last month
- A modern alternative Web-UI for the Mythic Command and Control Server☆79Jul 3, 2026Updated last week
- An aggressor script that tracks operational changes made during a red team engagement. Gives you a full audit trail of what was changed a…☆27May 21, 2026Updated last month
- Tailscale/Headscale C2 profile and agent for Mythic☆25Mar 14, 2026Updated 4 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts shellcode into payloads specifically used for ph…☆144Jul 7, 2026Updated last week
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆134Mar 30, 2026Updated 3 months ago
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Async port scanner BOF. Supports IP/port ranges, CIDR notation and hostnames.☆18Jun 17, 2026Updated 3 weeks ago
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- One PsExec client to rule them all☆15Mar 25, 2026Updated 3 months ago
- A BOF designed to inspect processes memory and addresses☆40Apr 19, 2026Updated 2 months ago
- Automatically deploying Mythic C2 in Azure using Terraform☆20Jul 3, 2026Updated last week
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆63May 4, 2026Updated 2 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆42Aug 5, 2025Updated 11 months ago
- Open Source Implementation of Cobalt Strike's Malleable C2☆104Jun 27, 2026Updated 2 weeks ago
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 4 months ago
- A vibe-coded port of wiretap☆35Apr 25, 2026Updated 2 months ago
- Tyche is a Mythic HTTPX Profile Generator used to create Malleable C2 Profiles.☆46Mar 28, 2026Updated 3 months ago
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- A POC tool for exploring dev-tunnels☆66May 5, 2026Updated 2 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Combining KslDump and GhostKatz to dump LSASS using no-fix KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest clea…☆45Mar 27, 2026Updated 3 months ago
- Adaptix C2 service plugin that drives LitterBox payload analysis from the operator UI.☆61May 4, 2026Updated 2 months ago
- Reflective PE loader written in Zig. Loads and executes native and .NET PE files directly from memory.☆67Mar 2, 2026Updated 4 months ago
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆25Aug 5, 2025Updated 11 months ago
- Async BOF to monitor and detect clipboard changes on a target system and return the clipboard contents.☆22May 5, 2026Updated 2 months ago
- Phantom is project created to perform loading and executing unmanaged code in memory within an IIS environment running in full‑trust mode…☆107Jun 5, 2026Updated last month
- WhatAboutSAM is my custom PoC of a Windows SAM dumper☆37Jul 4, 2026Updated last week
- Fawkes is a golang Mythic C2 Agent exclusively written by AI.☆34Jun 11, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- DevSecOps for the AI-era CI/CD pipeline. Catches the bugs your AI coding assistant introduces — before they reach production.☆20Updated this week
- Tool that gathers a customizable set of ETW telemetry and generates user-defined detections☆55Jan 28, 2026Updated 5 months ago
- Beacon Object File for LDAP Queries Through ADWS☆33Jun 12, 2026Updated last month
- Native C++ access to Active Directory over ADWS, no .NET, no WCF, no HTTP stack.☆81Mar 27, 2026Updated 3 months ago
- ☆50Dec 5, 2025Updated 7 months ago
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆45Oct 30, 2024Updated last year