Extract C2 Traffic
☆254 · Nov 25, 2024 · Updated last year
Alternatives and similar repositories for C2-Hunter
Users that are interested in C2-Hunter are comparing it to the libraries listed below.
- MacroExploit use in excel sheet ☆20 · Jun 12, 2023 · Updated 2 years ago
- A C# Command & Control framework ☆1,032 · Mar 28, 2024 · Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check ☆139 · Jan 3, 2023 · Updated 3 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW ☆332 · Jul 15, 2024 · Updated last year
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes ☆1,053 · Jun 20, 2023 · Updated 2 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance. ☆282 · Feb 24, 2025 · Updated last year
- Loading Remote AES Encrypted PE in memory, Decrypted it and run it ☆1,028 · Aug 29, 2023 · Updated 2 years ago
- kill anti-malware protected processes (BYOVD) ☆973 · Jul 21, 2023 · Updated 2 years ago
- A dynamic unpacking tool ☆153 · Sep 17, 2023 · Updated 2 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode. ☆139 · Jul 10, 2025 · Updated 9 months ago
- ETW based POC to identify direct and indirect syscalls ☆192 · Apr 19, 2023 · Updated 3 years ago
- Now You See Me, Now You Don't ☆1,043 · Jan 23, 2026 · Updated 3 months ago
- Kernel Mode Driver for Elevating Process Privileges ☆132 · Mar 23, 2023 · Updated 3 years ago
- Spartacus DLL/COM Hijacking Toolkit ☆1,079 · Feb 1, 2024 · Updated 2 years ago
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the … ☆1,407 · Nov 7, 2024 · Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,383 · Oct 27, 2023 · Updated 2 years ago
- This repo contains: simple shellcode Loader, Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp… ☆445 · Aug 2, 2023 · Updated 2 years ago
- Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol ☆264 · Sep 26, 2025 · Updated 7 months ago
- HVNC for Cobalt Strike ☆1,322 · Dec 7, 2023 · Updated 2 years ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality. ☆685 · Nov 9, 2023 · Updated 2 years ago
- Encrypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap ☆248 · Aug 2, 2023 · Updated 2 years ago
- Winsocket for Cobalt Strike. ☆105 · Jul 6, 2023 · Updated 2 years ago
- it is very good ☆515 · Dec 20, 2022 · Updated 3 years ago
- pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory ☆337 · Jun 22, 2024 · Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework. ☆283 · Aug 5, 2023 · Updated 2 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs ☆1,233 · Aug 18, 2023 · Updated 2 years ago
- Windows x64 kernel mode rootkit process hollowing POC. ☆191 · Jun 30, 2023 · Updated 2 years ago
- Fully modular persistence framework