Extract C2 Traffic
☆254 · Nov 25, 2024 · Updated last year
Alternatives and similar repositories for C2-Hunter
Users that are interested in C2-Hunter are comparing it to the libraries listed below.
- MacroExploit use in excel sheet ☆20 · Jun 12, 2023 · Updated 2 years ago
- A C# Command & Control framework ☆1,030 · Mar 28, 2024 · Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check ☆141 · Jan 3, 2023 · Updated 3 years ago
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes ☆1,050 · Jun 20, 2023 · Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW ☆331 · Jul 15, 2024 · Updated last year
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance. ☆282 · Feb 24, 2025 · Updated last year
- Loading Remote AES Encrypted PE in memory, Decrypted it and run it ☆1,026 · Aug 29, 2023 · Updated 2 years ago
- kill anti-malware protected processes (BYOVD) ☆973 · Jul 21, 2023 · Updated 2 years ago
- A dynamic unpacking tool ☆149 · Sep 17, 2023 · Updated 2 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode. ☆138 · Jul 10, 2025 · Updated 8 months ago
- ETW based POC to identify direct and indirect syscalls ☆189 · Apr 19, 2023 · Updated 2 years ago
- Now You See Me, Now You Don't ☆1,040 · Jan 23, 2026 · Updated 2 months ago
- Kernel Mode Driver for Elevating Process Privileges ☆132 · Mar 23, 2023 · Updated 3 years ago
- Spartacus DLL/COM Hijacking Toolkit ☆1,078 · Feb 1, 2024 · Updated 2 years ago
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the … ☆1,406 · Nov 7, 2024 · Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,376 · Oct 27, 2023 · Updated 2 years ago
- This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp… ☆445 · Aug 2, 2023 · Updated 2 years ago
- Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol ☆263 · Sep 26, 2025 · Updated 6 months ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆682 · Nov 9, 2023 · Updated 2 years ago
- HVNC for Cobalt Strike ☆1,314 · Dec 7, 2023 · Updated 2 years ago
- Encrypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap ☆247 · Aug 2, 2023 · Updated 2 years ago
- Winsocket for Cobalt Strike. ☆105 · Jul 6, 2023 · Updated 2 years ago
- it is very good ☆515 · Dec 20, 2022 · Updated 3 years ago
- pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory ☆337 · Jun 22, 2024 · Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆283 · Aug 5, 2023 · Updated 2 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs ☆1,232 · Aug 18, 2023 · Updated 2 years ago
- Windows x64 kernel mode rootkit process hollowing POC. ☆190 · Jun 30, 2023 · Updated 2 years ago
- Fully modular persistence framework ☆259 · Apr 10, 2023 · Updated 2 years ago
- A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes. It utilizes a low-level keyboard input hook, allowing i… ☆398 · Aug 2, 2023 · Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls. ☆327 · Jan 31, 2023 · Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆85 · Jan 6, 2023 · Updated 3 years ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su… ☆38 · Nov 16, 2023 · Updated 2 years ago
- Go shellcode loader that combines multiple evasion techniques ☆388 · Jun 21, 2023 · Updated 2 years ago
- PoCs and tools for investigation of Windows process execution techniques ☆955 · Feb 2, 2026 · Updated 2 months ago
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer… ☆373 · Apr 6, 2024 · Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion. ☆1,009 · Jun 4, 2024 · Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD) ☆83 · May 23, 2023 · Updated 2 years ago
- Windows rootkit for Intel x64 with 25+ features, demonstrating rootkit techniques compatible with all Windows 10 and Windows 11 versions. ☆2,295 · Feb 15, 2026 · Updated last month
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems. ☆90 · Nov 9, 2023 · Updated 2 years ago