carbonblack/active_c2_ioc_public external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

carbonblack/active_c2_ioc_public

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/carbonblack/active_c2_ioc_public)

Close

carbonblack / active_c2_ioc_publicView on GitHubMore

• External links
• Readme badge

Active C2 IoCs

☆99Nov 28, 2022Updated 3 years ago

Alternatives and similar repositories for active_c2_ioc_public

Users that are interested in active_c2_ioc_public are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• cedowens / C2-JARM

  View on GitHub
  A list of JARM hashes for different ssl implementations used by some C2/red team tools.
  ☆144Apr 20, 2023Updated 2 years ago
• drb-ra / C2IntelFeeds

  View on GitHub
  Automatically created C2 Feeds
  ☆668Updated this week
• Abjuri5t / SarlackLab

  View on GitHub
  ☆34Nov 11, 2025Updated 4 months ago
• hpthreatresearch / iocs

  View on GitHub
  Indicators of Compromise (IOCs) accompanying HP Threat Research blog posts and reports.
  ☆29Apr 10, 2024Updated last year
• hpthreatresearch / subcrawl

  View on GitHub
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆150Sep 22, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• tsale / TA_tooling

  View on GitHub
  ☆10Dec 24, 2022Updated 3 years ago
• JPCERTCC / jpcert-yara

  View on GitHub
  JPCERT/CC public YARA rules repository
  ☆109Mar 9, 2026Updated 2 weeks ago
• silence-is-best / c2db

  View on GitHub
  c2 traffic
  ☆195Feb 6, 2023Updated 3 years ago
• jeFF0Falltrades / IoCs

  View on GitHub
  A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
  ☆29Jun 11, 2020Updated 5 years ago
• Te-k / cobaltstrike

  View on GitHub
  Code and yara rules to detect and analyze Cobalt Strike
  ☆272May 5, 2021Updated 4 years ago
• CronUp / Malware-IOCs

  View on GitHub
  ☆96May 5, 2025Updated 10 months ago
• 2igosha / sunburst_dga

  View on GitHub
  ☆22Dec 22, 2020Updated 5 years ago
• fox-it / cobaltstrike-beacon-data

  View on GitHub
  Open Dataset of Cobalt Strike Beacon metadata (2018-2022)
  ☆133Mar 28, 2022Updated 4 years ago
• mr-r3b00t / parse_win_log

  View on GitHub
  ☆14Aug 21, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• sonofagl1tch / MalwareResearch

  View on GitHub
  This directory contains random scripts from threat hunting or malware research
  ☆11Feb 15, 2018Updated 8 years ago
• nccgroup / pybeacon

  View on GitHub
  A collection of scripts for dealing with Cobalt Strike beacons in Python
  ☆169Jan 5, 2021Updated 5 years ago
• montysecurity / InfraSpyder

  View on GitHub
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆28Apr 22, 2023Updated 2 years ago
• ninoseki / mihari

  View on GitHub
  A query aggregator for OSINT based threat hunting
  ☆933Mar 7, 2026Updated 3 weeks ago
• Sentinel-One / CobaltStrikeParser

  View on GitHub
  ☆1,134Dec 19, 2023Updated 2 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools

  View on GitHub
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆66Jul 7, 2022Updated 3 years ago
• AbdulRhmanAlfaifi / CryptnetURLCacheParser

  View on GitHub
  CryptnetURLCacheParser is a tool to parse CryptAPI cache files
  ☆21Aug 3, 2024Updated last year
• whickey-r7 / grab_beacon_config

  View on GitHub
  ☆451Aug 4, 2021Updated 4 years ago
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆211May 16, 2022Updated 3 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• shabarkin / pointer

  View on GitHub
  Pointer was developed for massive hunting and mapping Cobalt Strike servers exposed on the internet.
  ☆68Apr 12, 2022Updated 3 years ago
• CrowdStrike / SuperMem

  View on GitHub
  A python script developed to process Windows memory images based on triage type.
  ☆266Nov 25, 2023Updated 2 years ago
• JPCERTCC / MalConfScan

  View on GitHub
  Volatility plugin for extracts configuration data of known malware
  ☆495Dec 22, 2023Updated 2 years ago
• strozfriedberg / cobaltstrike-config-extractor

  View on GitHub
  Cobalt Strike Beacon configuration extractor and parser.
  ☆160Oct 30, 2025Updated 4 months ago
• gsiddharth29 / Threat-Hunting

  View on GitHub
  Threat Hunt Investigation Methodology and Procedure
  ☆15Jul 11, 2022Updated 3 years ago
• 3CORESec / MAL-CL

  View on GitHub
  MAL-CL (Malicious Command-Line)
  ☆322Jan 10, 2023Updated 3 years ago
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 3 years ago
• felixweyne / imaginaryC2

  View on GitHub
  Imaginary C2 is a python tool which aims to help in the behavioral (network) analysis of malware. Imaginary C2 hosts a HTTP server which …
  ☆446Oct 26, 2022Updated 3 years ago
• fox-it / dissect.cobaltstrike

  View on GitHub
  Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
  ☆187Mar 17, 2026Updated last week
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• Cyb3r-Monk / RITA-J

  View on GitHub
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆209Jul 21, 2022Updated 3 years ago
• CrowdStrike / xwf-yara-scanner

  View on GitHub
  ☆93Jul 30, 2025Updated 7 months ago
• c2links / NoWhere2Hide

  View on GitHub
  C2 Active Scanner
  ☆59Jun 19, 2024Updated last year
• svo80 / vti_search

  View on GitHub
  VirusTotal Intelligence Search
  ☆40May 21, 2020Updated 5 years ago
• Cluster25 / detection

  View on GitHub
  Threat Detection Rules (Snort/Sigma/Yara)
  ☆14Jan 23, 2024Updated 2 years ago
• MichaelKoczwara / Awesome-CobaltStrike-Defence

  View on GitHub
  Defences against Cobalt Strike
  ☆1,297Jul 14, 2022Updated 3 years ago
• ald3ns / XPR-dump

  View on GitHub
  Helper scripts to automate the extraction of YARA rules from XProtectRemediators
  ☆22Mar 5, 2024Updated 2 years ago