Extract C2 Traffic
☆255Nov 25, 2024Updated last year
Alternatives and similar repositories for C2-Hunter
Users that are interested in C2-Hunter are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- A C# Command & Control framework☆1,028Mar 28, 2024Updated 2 years ago
- Bypass Malware Sandbox Evasion Ram check☆139Jan 3, 2023Updated 3 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆333Jul 15, 2024Updated last year
- Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes☆1,055Jun 20, 2023Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆282Feb 24, 2025Updated last year
- Loading Remote AES Encrypted PE in memory , Decrypted it and run it☆1,028Aug 29, 2023Updated 2 years ago
- kill anti-malware protected processes ( BYOVD )☆978Jul 21, 2023Updated 2 years ago
- A dynamic unpacking tool☆154Sep 17, 2023Updated 2 years ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.☆139Jul 10, 2025Updated 10 months ago
- ETW based POC to identify direct and indirect syscalls☆196Apr 19, 2023Updated 3 years ago
- Now You See Me, Now You Don't☆1,046Jan 23, 2026Updated 3 months ago
- Kernel Mode Driver for Elevating Process Privileges☆132Mar 23, 2023Updated 3 years ago
- Spartacus DLL/COM Hijacking Toolkit☆1,079Feb 1, 2024Updated 2 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the …☆1,408Nov 7, 2024Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni…☆1,389Oct 27, 2023Updated 2 years ago
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆446Aug 2, 2023Updated 2 years ago
- Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol☆264Sep 26, 2025Updated 7 months ago
- HVNC for Cobalt Strike☆1,332Dec 7, 2023Updated 2 years ago
- Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.☆686Nov 9, 2023Updated 2 years ago
- Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap☆248Aug 2, 2023Updated 2 years ago
- Winsocket for Cobalt Strike.☆105Jul 6, 2023Updated 2 years ago
- it is very good☆516Dec 20, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- pure-python implementation of MemoryModule technique to load dll and unmanaged exe entirely from memory☆336Jun 22, 2024Updated last year
- A suite of tools to disrupt campaigns using the Sliver C2 framework.☆282Aug 5, 2023Updated 2 years ago
- Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs☆1,234Aug 18, 2023Updated 2 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆193Jun 30, 2023Updated 2 years ago
- Fully modular persistence framework☆259Apr 10, 2023Updated 3 years ago
- A keystroke logger targeting the Remote Desktop Protocol (RDP) related processes, It utilizes a low-level keyboard input hook, allowing i…☆398Aug 2, 2023Updated 2 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆328Jan 31, 2023Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆86Jan 6, 2023Updated 3 years ago
- Go shellcode loader that combines multiple evasion techniques☆387Jun 21, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆39Nov 16, 2023Updated 2 years ago
- PoCs and tools for investigation of Windows process execution techniques☆959Feb 2, 2026Updated 3 months ago
- EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offer…☆375Apr 6, 2024Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,015Jun 4, 2024Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆83May 23, 2023Updated 2 years ago
- A Streamlined FTP-Driven Command and Control Conduit for Interconnecting Remote Systems.☆90Nov 9, 2023Updated 2 years ago
- Bypass Malware Time Delays☆105Sep 23, 2022Updated 3 years ago