Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
☆17May 18, 2021Updated 4 years ago
Alternatives and similar repositories for Malleable-C2-Profiles
Users that are interested in Malleable-C2-Profiles are comparing it to the libraries listed below
Sorting:
- Malware campaigns and APTs research by BlackArrow☆19Apr 30, 2020Updated 5 years ago
- Various shellcodes☆12Sep 1, 2020Updated 5 years ago
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Aug 19, 2021Updated 4 years ago
- ☆11Oct 3, 2021Updated 4 years ago
- Runpe + DInvoke + Syscall☆16Jun 18, 2021Updated 4 years ago
- Red Team C2 and Post Exploitation code☆35Jul 8, 2025Updated 7 months ago
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 5 years ago
- inject and run code into arbitrary process (x86 and x64)☆14Oct 20, 2021Updated 4 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- Call 32bit NtDLL API directly from WoW64 Layer☆62Nov 18, 2020Updated 5 years ago
- ☆13Oct 20, 2021Updated 4 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.☆17Jun 20, 2021Updated 4 years ago
- Reverse shell macro using Word VBA☆17Oct 10, 2020Updated 5 years ago
- Non organized Cpp code files I used for my research on Windows☆28Aug 9, 2020Updated 5 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- C# wrapper for ligolo☆17Dec 9, 2021Updated 4 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- ☆26Mar 10, 2022Updated 3 years ago
- Ansible Cobalt Strike (Docker)☆15Jan 8, 2022Updated 4 years ago
- ☆39Jul 29, 2021Updated 4 years ago
- A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.☆86Oct 28, 2021Updated 4 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- Beacon payload using AV bypass method from https://github.com/fullmetalcache/CsharpMMNiceness and shellcode generated from https://github…☆20Feb 9, 2021Updated 5 years ago
- ☆21Sep 10, 2021Updated 4 years ago
- ☆25Jul 23, 2024Updated last year
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Apr 9, 2019Updated 6 years ago
- <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html><html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en" class=…☆10Jun 13, 2017Updated 8 years ago
- Extendable payload obfuscation and delivery framework☆146Nov 4, 2022Updated 3 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- transmit cs beacon (shellcode) over self-made dns to avoid anti-kill and AV☆50Jan 19, 2021Updated 5 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆53Dec 21, 2021Updated 4 years ago
- Strstr with user-supplied needle and filename as a BOF.☆32Sep 27, 2021Updated 4 years ago
- Yet another PoC for https://www.wietzebeukema.nl/blog/hijacking-dlls-in-windows☆143Jul 11, 2020Updated 5 years ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups☆60Oct 28, 2022Updated 3 years ago
- C# .Net 5.0 project to build BOF (Beacon Object Files) in mass☆25Jul 25, 2023Updated 2 years ago
- Remove API hooks from a Beacon process.☆76Mar 13, 2022Updated 3 years ago